PT-2007-2286 · Microsoft · Windows

Published: 2007-02-23 · Updated: 2021-08-09 · CVE-2007-0843

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 2000 through Vista
Description: The ReadDirectoryChangesW API function does not properly check permissions for child objects. A local user can bypass permissions by opening a directory with LIST (READ) access and then calling ReadDirectoryChangesW to monitor changes to files for which the user does not have LIST permissions. As a result, sensitive information such as filenames and access times can be determined.
Recommendations: For Microsoft Windows versions 2000 through Vista, consider restricting access to the ReadDirectoryChangesW API function until a patch is available. As a temporary workaround, limit directory access to only necessary users and groups to minimize the risk of exploitation.

Related Identifiers

CVE-2007-0843

Affected Products

Windows