More NT problems...

Jari Raitavuo (jari.raitavuo@pcb.mpoli.fi)
Sat, 21 Dec 1996 20:57:00 +0200


--- Forwarded message ---
Date: Fri, 20 Dec 1996 09:12:19 +0200 (GMT)
From: Oskar Pearson <oskar@is.co.za>
Subject: NT vulnerable to attack on CPU

> http://www.pcweek.com/news/1216/18ent.html
>
> December 18, 1996 5:45 PM ET
> _NT vulnerable to attack on CPU_
> _By Eamonn Sullivan_
>
> Errors in the way Windows NT schedules concurrently running
> applications leave it vulnerable to a simple, but very effective,
> denial of service attack, according to a Windows NT expert.
>
> "This is a wide-open hole just waiting for exploitation by an ActiveX
> control," said Mark Russinovich, a consulting associate with Open
> Systems Resources Inc. who discovered the vulnerability this week. The
> flaw is particularly serious, since it can be easily exploited by an
> ActiveX control or by a Netscape plug-in.
>
> Russinovich wrote a simple utility that, while running with no special
> security privileges, is able to take complete control of any Windows
> NT server or workstation, rendering it useless for any other
> applications. The algorithm used by Windows NT to protect itself
> against such CPU-hogging attacks appears to be seriously flawed and
> ineffective, Russinovich said.
>
> The source code for the utility, which is called CpuHog, is available
> on the Web at www.ntinternals.com.
>
> _How it works_
>
> Basically, Russinovich's program exploits a vulnerability in the way
> Windows NT schedules the execution of processes.
>
> Applications can set their own priority level, which affects how often
> Windows NT allows those applications to run. An application running
> under a user account with administrative privileges can set its
> priority to any of 32 levels, with the highest level giving it more
> time slices. Applications running under accounts without
> administrative privileges can set their priority to any of the first
> 16 of those levels.
>
> CpuHog sets its priority to the highest level available, which is
> level 16 when run by a normal user. Windows NT attempts to deal with
> CPU-hogging applications by boosting the priority of other
> applications. However, Russinovich found that Windows NT will only
> boost applications as high as level 15. Thus, all other applications -
> even system utilities such as Task Manager - never get a chance to
> execute while CpuHog is running.
>
> PC Week Labs was able to duplicate Russinovich's findings. When run on
> Windows NT 4.0, for example, the only way to regain control once
> CpuHog was executed was to reset the PC.
>
> _Old problem_
>
> Hogging the CPU is one of the oldest known forms of denial of service
> attack. So old, in fact, that many operating systems have developed a
> defense. Many forms of Unix allow administrators to set limits on CPU
> usage by user - limiting any one user to 50 percent of available CPU
> cycles, for example.
>
> Almost all forms of Unix also automatically decrease the priority of
> the highest-priority processes when applications become starved for
> CPU time, which is the opposite of what Windows NT does.
>
> Russinovich said Microsoft could get around the problem fairly easily
> in one of two ways: Either increase the maximum priority given to
> other, CPU-starved applications above level 15, or increase the
> priority of the Task Manager above level 16, so that it can be used to
> end CPU-hogging applications.
>
> Microsoft officials contacted for this story did not have a comment,
> other than to say they are researching the problem.
>
> _Copyright(c) 1996 Ziff-Davis Publishing Company. All rights reserved.
> Reproduction in whole or in part in any form or medium without express
> written permission of Ziff-Davis Publishing Company is prohibited. PC
> Week and the PC Week logo are trademarks of Ziff-Davis Publishing
> Company. PC Week Online and the PC Week Online logo are trademarks of
> Ziff-Davis Publishing Company._

Oskar

--- Forwarded message ---

So NT still isn't quite perfect after all...

Jari
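
The scheduling failure described in the forwarded article, as an added toy simulation (not part of the original message, the article, or CpuHog): a strict-priority scheduler whose anti-starvation boost stops at level 15 never runs anything else while one always-ready thread sits at level 16, and raising the cap above 16, the first fix the article attributes to Russinovich, restores service. The thread names, the base priorities 13 and 8, the 30-tick starvation threshold and the cap value 17 are assumptions made for the model, which does not reproduce NT's real scheduler.

```python
# Toy model, constructed for illustration: every thread is always ready to run
# (the worst case), and one thread runs per time slice.
from dataclasses import dataclass

@dataclass
class Thread:
    name: str
    base: int        # base priority level
    prio: int = 0    # current priority, possibly boosted
    waited: int = 0  # consecutive slices spent ready but not scheduled
    ran: int = 0     # time slices received

def simulate(threads, boost_cap, ticks=1000, starve_after=30):
    """Run `ticks` time slices and return {thread name: slices received}."""
    for t in threads:
        t.prio, t.waited, t.ran = t.base, 0, 0
    for _ in range(ticks):
        # Anti-starvation pass: lift long-waiting threads, but never above boost_cap.
        for t in threads:
            if t.waited >= starve_after:
                t.prio = max(t.prio, boost_cap)
        # Strict priority: highest level wins, ties go to the longest waiter.
        winner = max(threads, key=lambda t: (t.prio, t.waited))
        for t in threads:
            if t is winner:
                t.ran += 1
                t.waited = 0
                t.prio = t.base  # the boost is dropped once the thread has run
            else:
                t.waited += 1
    return {t.name: t.ran for t in threads}

def workload():
    # Level 16 is the figure from the article; 13 and 8 are assumed values.
    return [Thread("hog", 16), Thread("task_manager", 13), Thread("shell", 8)]

def compare():
    """Slices per thread with the boost capped at 15, then capped above the hog."""
    return simulate(workload(), boost_cap=15), simulate(workload(), boost_cap=17)

if __name__ == "__main__":
    capped, raised = compare()
    print("boost cap 15:", capped)
    print("boost cap 17:", raised)
```
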