iTnews
  • Home
  • News
  • Technology
  • Software

More Windows bugs appear

By Gregg Keizer
Gregg Keizer
Dec 29 2004 1:49PM
Follow google news

Three new and unpatched vulnerabilities in Microsoft Windows were made public on security mailing lists over Christmas weekend, pushing some security vendors to claim user systems may be open to attack and hijacking.

Three new and unpatched vulnerabilities in Microsoft Windows were made public on security mailing lists over Christmas weekend, pushing some security vendors to claim user systems may be open to attack and hijacking.


The vulnerabilities, first reported by a Chinese group and then posted to the Bugtraq mailing list, are in Windows' LoadImage API function, its animated cursor files, and in the way it handles help files.

All the bugs are as yet unpatched.

All supported versions of Windows -- Windows NT, 2000, XP, and Windows Server 2003 -- were affected by the three flaws, said Venustech, the Chinese security firm that posted analysis on Bugtraq.

Some affected Windows XP Service Pack 2 (SP2), some didn't.

The LoadImage API vulnerability -- the latest in a series of image-related vulnerabilities that have hit Windows, Unix, and Linux -- affected Windows NT through Windows Server 2003.

Whether Windows XP SP2 was at risk wasn't yet known.

This vulnerability could be exploited by attackers who entice users to a malicious website that includes a specially-crafted icon, cursor, animated cursor, or bitmap file, said Danish security firm Secunia in its alert.

Alternately, the malicious image could be delivered via HTML e-mail. Users who viewed such messages or visited such sites could find their systems hijacked by hackers, who would be able to run their own code remotely on the PC.

The second bug, which was in Windows' ANI, animated cursor files, could be used by an attacker to crash or freeze a Windows PC, said Venustech in its analysis. Windows XP SP2 was not vulnerable to that flaw.

The third flaw revolved around how Windows parsed help files. The bug could be exploited to create a buffer overflow giving attackers control of the computer, if users opened a maliciously-crafted help file posted on a site or sent to them via e-mail.

Secunia bundled the three bugs and labelled the group as a "highly critical" vulnerability, the second highest warning the firm used.

"Don't visit untrusted websites and don't open documents from untrusted sources," advised Secunia.

The SANS Institute's Internet Storm Center (ISC) gave similar advice.

"Try not to install help files until some Tuesday in, we hope, January," the centre said.

Microsoft releases its patches on the second Tuesday of every month. The next scheduled security bulletin day is 11 January 2005.

 

Add iTnews as your trusted source

Add iTnews As Your Trusted Source Add iTnews As Your Trusted Source
Got a news tip for our journalists? Share it with us anonymously here.
Copyright (c) 2004 MediaConnect
Tags:
bugsmicrosoftsecuniasoftware

Related Articles

  • Aurora Energy to modernise its ERP system Aurora Energy to modernise its ERP system
  • Perth Airport to deploy 70 IT, OT systems for new terminal Perth Airport to deploy 70 IT, OT systems for new terminal
  • Apple rolls out new, AI-powered Siri Apple rolls out new, AI-powered Siri
  • iTnews State of Data & AI Breakfast comes to Sydney this July iTnews State of Data & AI Breakfast comes to Sydney this July
Join our WhatsApp Channel

Partner Content

The hidden economics of AI: Why token usage matters more than you think
Partner Content The hidden economics of AI: Why token usage matters more than you think
Take control of your connectivity with Telstra’s Adaptive Networks Centre
Partner Content Take control of your connectivity with Telstra’s Adaptive Networks Centre
Scalable AI solutions: secure delivery
Scalable AI solutions: secure delivery
Why resilient communications are becoming critical infrastructure for modern enterprise IT
Promoted Content Why resilient communications are becoming critical infrastructure for modern enterprise IT

Sponsored Whitepapers

Agile in the AI Era: why projects still fail
Agile in the AI Era: why projects still fail
When Technology Becomes the Blocker: Unlocking Real Outcomes from AI and Cloud
When Technology Becomes the Blocker: Unlocking Real Outcomes from AI and Cloud
High-volume data sources for AI-driven security analytics
High-volume data sources for AI-driven security analytics
How healthcare organisations can get more value from cloud
How healthcare organisations can get more value from cloud
1 in 3 companies lose SaaS data. Here’s how to prevent it
1 in 3 companies lose SaaS data. Here’s how to prevent it

Events

  • iTnews State of Security Breakfast iTnews State of Security Breakfast
  • iTnews State of Data & AI Breakfast iTnews State of Data & AI Breakfast
  • The 2026 iAwards The 2026 iAwards
  • Integrate 2026 Integrate 2026
  • Security Exhibition & Conference Security Exhibition & Conference
Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Defence says Palantir is "sandboxed" in its environment

Defence says Palantir is "sandboxed" in its environment
Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases
Perth Airport to deploy 70 IT, OT systems for new terminal

Perth Airport to deploy 70 IT, OT systems for new terminal
Meet Genie, Deakin Uni's virtual assistant for students

Meet Genie, Deakin Uni's virtual assistant for students
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.