http://www.theregus.com/content/55/25023.html

By John Leyden
Posted: 05/23/2002 at 06:50 EST

Microsoft has admitted that its Windows debugging facility is itself subject to a security bug.

In an advisory issued yesterday, Microsoft admitted the authentication mechanism for the debugging facility is flawed in a way that allows unauthorised programs to gain access to the debugger.

The upshot of this is, providing an attacker can log-in to a target machine - and that's a big if - a cracker can screw your Windows box six ways to Sunday.

If they obtain access either directly to a console or through a terminal session, crackers might be able to run code of their choice. Microsoft suggests a few possibilities might include "deleting data, adding accounts with administrative access, or reconfiguring the system" (isn't all this built into XP anyway? - Ed).

No surprise then that Microsoft describes a patch it has issued to fix the flaw as of "critical" importance for client systems.

You can find more information on the problem, and links to the patch here: http://www.microsoft.com/technet/security/bulletin/MS02-024.asp

TechNote

The Windows debugging facility "provides a means for programs to perform diagnostic and analytic functions on applications as they are running on the operating system," Microsoft explains.

"One of these capabilities allows for a program, usually a debugger, to connect to any running program, and to take control of it. The program can then issue commands to the controlled program, including the ability to start other programs."