What Remote Code Execution Is And Why You Should Care…
You may remember a while ago in Windows, a but was discovered that dated all the way back to the days of Windows 9x and even 1.x concerning a hole in the SAM database that allowed remote code execution with elevated privileges.
Now, obviously, if you’re using Linux the likelihood is that you understand this, but what about the average Windows user?
The fact is that most Windows users probably didn’t even hear of the issue (since they weren’t around TechNet and other IT pro sites at the time) And just saw yet another annoying software update to dismiss. Not to mention the many users (including myself) who are still running older versions of Windows 9x and XP. In fact, this list is a long one:
1.0
3.0
3.1
95
95 IE
95 Plus
98
98 Lite
98 SE
98 Plus
2000
2000 ME
XP
XP SP1
XP SP2
XP SP3
Vista
Vista SP1
Plus some more that I’ve doubtless missed.
Aren’t going to get an update at all unless they buy a new edition of Windows or hack the registry of their current install leaving many users unaware that their computers may well be accessed by an attacker using the bug allowing remote code execution with elevated privileges.
So, in short, if you;re no bored already, these bugs allow users to run code unnoticed on a PC with full privileges and without the user’s permission. Possibly allowing keylogging, data encryption, botnets and thousands of other rather nasty things.