Sergio Tabanelli wrote:
>
> Recently I posted to some mailing lists, questions and observation about a
> new strange functionality in W2K called OffloadModExpo. Some of these were
> about a strange coincidence, I've never found a distribution which
> contemporary use the _NSAKEY and the
> OffloadModExpo functionality. I’ve also privately presented all the
> following considerations to Scott Culp of the Microsoft Security Response
> Center, a very interesting discussion followed my signaling. If someone is
> interested I can make it public.
>
> This is my posting to public mailing lists:
>
> >>
> Microsoft has released a new security bulletin
> (http://www.microsoft.com/technet/security/bulletin/ms00-024.asp)
> about a vulnerability in the NT registry permission setting for a
> functionality called OffloadModExpo. I thanks Microsoft and Scott Culp for
> the Acnowledgments.
> This is the full story:
<snip background discussion>
Love to hear the response from Scott & Co. The hole you found in NT was
big enough to cause a lot of trouble.
Greg
