Avast WEBforum
Other => General Topics => Topic started by: polonus on April 13, 2007, 10:47:09 AM
-
Hi malware fighters,
A new vulnerability is rated as "low", only because there has not been found malware exploiting it:
http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2007-041100-4132-99&tabid=1
Next to a Windows DNS leakage a new vulnerability has been found in Windows Help files. Through this dangerous security hole an attacker can take over a complete system remotely. This hole has not been seen to have been exploited in the wild, but because there is no patch users are advised to be extra carefult, and to update all their security software.
Problem seems to be Microsoft Help Engine does not check the buffer totals before a certain data block is being released into HLP files, creating a heap overflow, in this fashion enabling the execution of arbitrairy code. The hole has been found to exist for Windows NT, 2000, 2003 and XP.
polonus
-
The DNS flaw is being exploited even as we speak.
"Cybercrooks are using a yet-to-be-patched security flaw in certain Windows versions to attack computers running the operating systems, Microsoft warned late Thursday."
http://news.com.com/Cybercrooks+exploiting+new+Windows+DNS+flaw/2100-7349_3-6175743.html?tag=html.alert.comp
-
Windows XP and Windows Vista are not impacted by the DNS flaw. Windows 2000 Server Service Pack 4, Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 are vulnerable, Microsoft said.
-
Yes DavidR, we know that, but the help files hole is!!
the old pol