VULHUB ™

A vulnerability exists in the way Microsoft Windows 2000 group policies are enforced. It is reported that drive access restrictions may be bypassed using applications and services that are not listed as being restricted in the drive access group policy. This vulnerability may be leveraged using Microsoft Office XP SP3 applications. Additionally it is reported that Windows functionality provided to allow browsing of Flash memory drives may also be applied to leverage this issue.

A vulnerability exists in the way Microsoft Windows 2000 group policies are enforced. It is reported that drive access restrictions may be bypassed using applications and services that are not listed as being restricted in the drive access group policy. This vulnerability may be leveraged using Microsoft Office XP SP3 applications. Additionally it is reported that Windows functionality provided to allow browsing of Flash memory drives may also be applied to leverage this issue.