|
The threats to our products April 1, 1999 By Loren Kohnfelder and Praerit Garg
|
| bet | 10/15 | | Sana | 30.03.2021 | | Hajmi | 58,92 Kb. | | #13786 |
| What products are susceptible? All software products are susceptible to denial of service threats. Microsoft product groups should address them in the proactive security process by identifying various vulnerabilities that can result in denial of service. While D.o.S. is one of the hardest security threats to address, and in many cases it is reasonable not to address them, your team should identify and rationalize all such cases.
Elevation of privilege
What's the threat? An unprivileged user gains privileged access and thereby has sufficient access to completely compromise or destroy the entire system. The more dangerous aspect of such threats is compromising the system in undetectable ways whereby the user is able to take advantage of the privileges without the knowledge of system administrators. Elevation of privilege threats include those situations where an attacker is allowed more privilege than should properly be granted, completely compromising the security of the entire system and causing extreme system damage. Here the attacker has effectively penetrated all system defenses and become part of the trusted system itself and can do anything.
|
| |
