CVE-1999-1365

Summary

CVE-1999-1365 is a vulnerability affecting Windows NT systems. The issue lies in the operating system's search order for critical programs. By default, Windows NT searches the user's home directory (%systemroot% in this case) before other directories for files such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE, and TASKMGR.EXE. This behavior creates an opportunity for local users to bypass access restrictions or elevate privileges by placing a malicious Trojan horse program into the root directory, which is writable by default. Successful exploitation of this vulnerability could lead to significant security consequences.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.