The Windows NT screensaver is started and then switched to the security context of the user logged onto the machine, Microsoft explained, but the operating system does not check that the switch actually succeeded. In theory, a malicious screensaver file could exploit that missing check to let an ordinary user obtain administrator-level privileges.
The NT flaw is the latest in a long line of security issues that have beset the software maker.
Microsoft admitted last week that its Windows 98 operating system had surreptitiously been gathering user identification numbers during the Windows 98 registration process, unintentionally, according to the company. Microsoft at first insisted that the numbers could be read only by the Microsoft Web site, but subsequently confirmed that any Web site could gain access to the identification information.
Microsoft's privacy woes come on the heels of Intel's battle with privacy advocacy groups over its decision to include a serial number on each Pentium III processor that can identify users during e-commerce transactions. Privacy groups fear that such a feature could allow marketers and hackers to share or steal information about users.
Two types of machines are at risk from this particular NT security bug: workstations and terminal servers that allow non-administrative users to log on interactively, and servers that allow remote users to execute programs. Windows NT 4.0 is affected by the problem.
No machines are known to have been compromised through this flaw, Microsoft said. Last week, Microsoft product manager Scott Culp said he believed any attack using this vulnerability was unlikely.
"It requires a detailed understanding of the operating system--it's a highly technical attack. This isn't something that's easily put together," he said.
The Windows NT bug was discovered by Cybermedia Software of India.