Microsoft Examines Fresh Flaw Within Windows
Microsoft the giant maker of software has said that it's examining reports about one fresh security flaw within the Windows engine for graphics, which if exploited could let computer hackers gain hold over target PCs.
Specifically, by successfully exploiting the flaw, any attacker can execute random software while the actual user is logged on. Thereafter, he could load programs; see, alter, or erase files; alternatively set up fresh accounts using all of the user's privileges. Fortunately, for user accounts that are less privileged i.e. have only few rights, the impact could be low compared to user accounts that bear administrative privileges.
Stated Microsoft, the reported flaw existed within Windows Vista, XP, Server 2003, Server 2008, while the Windows 7 OS was spared.
Meanwhile, in Korea at one lately held hacking conference when participants presented the vulnerability, a case study on hacking was used. Soon after Joshua Drake alias jduck added an active attack code to the Metasploit Framework that's available for free.
Head of Technology, Paul Ducklin for security company Sophos' Asia Pacific division wrote that jduck was of the opinion that the flaw was within a code that treated one "device-independent bitmap" (DIB) resulting in a "stack-based heap overflow" when thumbnails were handled inside .MIC files as well as different Office documents. Siteon the Sophos blog published this on January 5, 2011.
Luckily the Metasploit attack code has little impact, reportedly aiming at just Windows XP SP3 and Windows 2000; however, it does work like an established proof-of-concept if anybody bothers for examining it.
In the meantime, according to Microsoft, it has neither come to know about attacks, which attempt at exploiting the bug nor about any consumer impact.
Also, as per the company, it's working with associates within the MAPP (Microsoft Active Protections Program) for suggesting inputs towards wider protection for consumers.
It also said that once it completed examining the public reports, it would act appropriately towards protecting its consumers. Thus, it may issue a security patch via its monthly security bulletin alternatively release an emergency patch outside the monthly bulletin cycle depending on the requirements of consumers.
Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails
» SPAMfighter News - 17-01-2011