Microsoft’s security team is investigating a security vulnerability reported at https://isec.pl/ by Maurycy Prodeus.
The vulnerability affects operating systems older than Windows Vista (i.e. Windows XP). An attacker hosting a malicious website can remotely run arbitrary code by convincing the user to press the computer’s F1 key in response to a pop-up window.
The vulnerability results from passing a Samba share as the help-file parameter, combined with a stack-based buffer overflow in winhlp32.exe when parameters are too long.
There are no reports of attacks exploiting the weakness. Microsoft plans to issue guidance once its investigation is completed.
Microsoft’s Jerry Bryant has more on the issue here:
https://blogs.technet.com/msrc/archive/2010/02/28/investigating-a-new-win32hlp-and-internet-explorer-issue.aspx