Icon of program: Microsoft Security Bullet…

Microsoft Security Bulletin MS02-042 for Windows

By MicrosoftTrial versionUser Rating
Download.com has chosen not to provide a direct-download link for this product and offers this page for informational purposes only.

Key Details of Microsoft Security Bulletin MS02-042

  • Privilege elevation flaw in Network Connection Manager
  • Last updated on February 29, 2024
  • There have been 4 updates
  • Virus scan status:

    Clean (it's extremely likely that this software program is clean)

Download.com has chosen not to provide a direct-download link for this product and offers this page for informational purposes only.

Developer's Description

Privilege elevation flaw in Network Connection Manager
The Network Connection Manager (NCM) provides a controlling mechanism for all network connections managed by a host system. Among the functions of the NCM is to call a handler routine whenever a network connection has been established.

By design, this handler routine should run in the security context of the user. However, a flaw could make it possible for an unprivileged user to cause the handler routine to run in the security context of LocalSystem, though a very complex process. An attacker who exploited this flaw could specify code of his or her choice as the handler, then establish a network connection in order to cause that code to be invoked by the NCM. The code would then run with full system privileges.


Explore More