Researchers reveal Windows buffer overflow flaw

News by Frank Washkuch Jr.

Researchers last week revealed an unpatched buffer overflow bug in Windows that could allow an attacker to take control of an affected machine.

Researchers last week revealed an unpatched buffer overflow bug in Windows that could allow an attacker to take control of an affected machine.

The GoodFellas Security Research Team on Friday disclosed a flaw in the FindFile function of two Windows libraries.

The FindFile class is used to manage searches across the Windows filesystem, according to an advisory released by researcher Jonathan Sarba and the team.

There is no available workaround or patch for the flaw, according to an advisory from Shellcode, an Argentina-based solutions provider where Sarba is a manager and security specialist.

Sarba declined to comment today, but the GoodFellas advisory said the group notified affected independent software vendors on June 20 and Microsoft a day later.

GoodFellas asked Microsoft for an update on August 31, which Microsoft said on September 5 was “coming soon,” according to Shellcode's advisory.

Christopher Budd, Microsoft security program manager, said today that the company is investigating reports of the flaw and will respond after the inquiry is complete and the corporation is unaware of any attacks targeting the vulnerability.

Secunia warned that the bug can be exploited to cause a heap-based buffer overflow by passing an overly long argument to an affected application.

The flaw exists on a fully patched PC running Windows XP with Service Pack 2, according to Secunia, which ranked the flaw as “moderately critical.”

The Denmark-based vulnerability monitoring organization cited two HP products that have vectors allowing exploitation: All-In-One Series web release software driver/installer version 2.1.0 and HP Photo and Imaging Gallery version 1.1.

Secunia recommended that users restrict access to affected applications and check the length of user input.








 

Topics:

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events