Microsoft’s Windows Flaw Allows Execution Of Arbitrary Code

According to scientists, another flaw in Microsoft Windows Help (HLP) files has been exposed, corresponding to the April 10's weekly Patch Tuesday handout. The glitch allows a hacker to employ a buffer overflow to implement an arbitrary code, as per Securecomputing's April 12, 2007 issue.

The alleged buffer-overflow vulnerability infects the Windows help files in several variants of Windows NT, Windows XP, Windows 2000, and Windows Server 2003. Scientists at Security Focus declared that the Help File browser was given to buffer-overflow flaws since it was unable to execute boundary inspection before replicating client-furnished information into inadequate memory buffers, as per Itnews's April 12, 2007 release.

Symantec's Security Response Team's member, Hon Lau, cited in the company's blog page on April 12, 2007 that investigators haven't found the flaw being aggressively abused. Lau asserted that Symantec had examined a section of the proof-of-concept software and issued the Bloodhound.Exploit.135 to find the risks that usually target the flaw.

Trouble begins whenever the software runs a distorted or affected Windows Help File. (HLP files) thus Lau warns email senders from opening any HLP files from suspicious origins.

According to a statement by Microsoft representative on April 12, 2007, the company is analyzing reports about a flaw, except it's ignorant of anything risky being exploited by hackers.

"Microsoft's preliminary research has determined that the potential flaw would entail a hacker to exploit an HLP file," stated the representative, appending that the company however records the HLP files as risky file types, as per Securecomputing's 12th April, 2007 copy.

Microsoft believing them to be wild file type urges users to apply equal carefulness with .hlp files just like they are with .exe files, as both are viable.

In the meantime, "Muts," the cyber-terrorist who this week released proof-of-concept (PoC) software for what he averred as the latest vulnerabilities in Word 2007, wrote on his 12th April 2007 blog, that he has got e-mails from clients of the Full Disclosure listing corroborating a system breakdown when the flaws were exploited. He also offered screen captures of Word collapsing as per Securecomputing's April 12, 2007 release.

Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails

» SPAMfighter News - 4/20/2007