It’s about time for an update, Mr. Microsoft! How can you possibly have a bug that has been around since 1993? It is amazing that things like this get through, but luckily Google is around to fix that problem, or at least suggest a way to get it fixed, The Register has the full article, here is a snippet:
A security researcher at Google is recommending computer users make several configuration changes to protect themselves against a previously unknown vulnerability that allows untrusted users to take complete control of systems running most versions of Microsoft Windows.
The vulnerability resides in a feature known as the Virtual DOS Machine, which Microsoft introduced in 1993 with Windows NT, according to this writeup penned by Tavis Ormandy of Google. Using code written for the VDM, an unprivileged user can inject code of his choosing directly into the system’s kernel, making it possible to make changes to highly sensitive parts of the operating system.
