Hi malware fighters,
A new vulnerability is rated as "low", only because there has not been found malware exploiting it:
http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2007-041100-4132-99&tabid=1Next to a Windows DNS leakage a new vulnerability has been found in Windows Help files. Through this dangerous security hole an attacker can take over a complete system remotely. This hole has not been seen to have been exploited in the wild, but because there is no patch users are advised to be extra carefult, and to update all their security software.
Problem seems to be Microsoft Help Engine does not check the buffer totals before a certain data block is being released into HLP files, creating a heap overflow, in this fashion enabling the execution of arbitrairy code. The hole has been found to exist for Windows NT, 2000, 2003 and XP.
polonus