A hacker called Peter Winter-Smith discovered a security hole in NVIDIA's display driver service that allows local and remote users (Windows firewall/file sharing permitting) to gain administrator privileges in Windows via a stack buffer overflow.
Mr. Winter-Smith posted a description and details of the exploit, in which he describes the NVIDIA Display Device server (NVVSVC) as listening on a pipe (a means by which different processes talk to each other) "pipensvr," which has an null/empty discretionary access control list (DACL, a security whitelist for users/groups), letting ordinary logged in local and remote users (firewall permitting, and the remote admin has a local account) to gain administrator rights to the system.
Wi-Fi Protected Setup PIN Brute Force Vulnerability - 12/30/2011 01:38 PM
A researcher has discovered a security hole in WPS technology that affects millions of Wi-Fi routers around the world. A few weeks ago I decided to take a look at the Wi-Fi Protected Setup (WPS) techn...
Microsoft to plug 11 vulnerabilities on Patch Tuesday - 04/10/2010 12:24 PM
Microsoft announced this month's Patch Tuesday will feature 11 security bulletins addressing 25 vulnerabilities in Windows and Office. For Windows there are five critical updates, three important upda...
Post New Comment
Click here to post a comment for this news story on the message forum.