Managing vulnerabilities exposed by Windows services.

by James Williams
Sept. 1, 2017 0 comments SANS Institute threats/vulnerabilities

The butler did it…in my office…with an open window. This “Murder Mystery” analogy may seem a strange way to view the vulnerabilities of Windows services. Nonetheless, the analogy provides a very simple way for us to look at the Windows business class operating system, its “services” in particular. In order to fully grasp the items of discussion we need to be able to understand how the Windows operating system works. To do this we need to further our analogy by taking a look at the suspects and the location of our murder mystery. First we have the Windows operating system, a house if you will, “The House of Windows”. The work we do in this house, that is to say the applications we use, and the documents we create we will call our “office”. All of the methods used to access the operating system will shall consider “windows”. While doors may seem a more appropriate analogy, you will rarely find a house with more than two or three doors, but most houses co...