CVE-2004-0208

Name of the Vulnerable Software and Affected Versions Microsoft Windows NT 4.0 Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003

Description The issue allows local users to access kernel memory and gain privileges through a malicious program. This program modifies system structures in a way that is not properly validated by privileged operating system functions, specifically targeting the Virtual DOS Machine (VDM) subsystem.

Recommendations For Microsoft Windows NT 4.0, update to a version with improved validation of system structures. For Microsoft Windows 2000, apply a patch that corrects the VDM subsystem's validation of system modifications. For Microsoft Windows XP, install an update that enhances the operating system's validation of privileged functions. For Microsoft Windows Server 2003, apply a hotfix that improves the security of the VDM subsystem.