Post Sun Apr 20, 2008 12:51 pm

Microsoft (Belatedly) Admits to Windows Server 2008 Token Kidnapping

Token Kidnapping - Vulnerability in Windows Could Allow Elevation of Privilege

Read more about it at
http://securitywatch.eweek.com/flaws/mi ... pping.html

Microsoft Security Advisory
http://www.microsoft.com/technet/securi ... 51306.mspx

Presentation
http://www.argeniss.com/research/TokenKidnapping.pdf
Manu Zacharia
MVP (Enterprise Security), ISLA-2010 (ISC)², C|EH, C|HFI, CCNA, MCP,
Certified ISO 27001:2005 Lead Auditor

[b]There are 3 roads to spoil; women, gambling & hacking. The most pleasant with women, the quickest with gambling, but the surest is hacking - c0c0n