Internet Explorer .HLP vulnerability on Windows XP

Microsoft’s security team is investigating a security vulnerability reported at https://isec.pl/ by Maurycy Prodeus.

The vulnerability is observed on operating systems older than Windows Vista (i.e. Windows XP). An attacker hosting a malicious website can remotely run arbitrary code by convincing the user to press the computer's F1 key in response to a popup window.

The vulnerability results from passing a Samba share as the help file parameter, combined with a stack-based buffer overflow in winhlp32.exe when parameters are too long.

There are no reports of attacks exploiting the weakness. Microsoft plans to issue guidance once its investigation is completed.

Microsoft's Jerry Bryant has more on it here:
https://blogs.technet.com/msrc/archive/2010/02/28/investigating-a-new-win32hlp-and-internet-explorer-issue.aspx

Abhijit Kulkarni
