Windows applications affected by remote code-execution bug

About 200 Windows applications are vulnerable to remote code-execution attacks that exploit a bug in the way the programs load binary files on Windows OS (at least XP, Vista and Windows 7).

According to Mitja Kolsek, CEO of Acros Security, the critical vulnerability, which has already been patched in Apple’s iTunes media player for Windows and VMware Tools, will be difficult to fix, because each application will ultimately need to receive its own patch.

Security experts from Acros have found that about 200 of the 220 applications they’ve tested so far suffer from this “binary-planting bug”. The bug allows attackers to execute malicious code on Windows machines by getting the media player to open a file located on the same network share as a maliciously designed DLL file.

Until a fix is released users can reduce their exposure by blocking outbound SMB connections on ports 445 and 139 and on WebDAV. This will not prevent attacks originating from the local networks which can be a problem in large organizations, where compromised machines infect other PCs in the network.

A detailed advisory can be found here.