Microsoft investigating possible Help flaw

By on

Microsoft been warned about a possible buffer overflow vulnerability in Windows’ help platform that could leave users at risk of malicious code run onto their PCs.

Bratax.be, said on its website that it warned the Redmond, Wash., computing giant of the flaw, saying hacker "code will run with the privileges of the target user."

"An unchecked buffer in the way HTML Help Workshop processes .hhp files allows a remote user to take control over EIP, and thus execute arbitrary code with the privileges of the end user," the research site said. "The buffer overflow occurs when a long string is supplied as content file."

Secunia called the vulnerability "moderately critical" this week, encouraging users to stay away from untrusted .hhp files.

"The vulnerability is caused due to a boundary error within the handling of an .hhp file that contains an overly long string in the 'contents file' field," the security website said. "This can be exploited to cause a stack-based buffer overflow and allows arbitrary code execution when a malicious .hhp file is opened."

A Microsoft spokesperson said Tuesday that the company" is not aware of any attacks attempting to use the report vulnerability or of customer impact at this time."

"Microsoft's initial investigation has revealed that customers who have not installed the HTML Help SDK on their systems are not impacted by this report. By default, no other Microsoft applications or operating systems have the ability to open .hhp files," the spokesperson said. "Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include issuing a security advisory or providing a security update through our monthly release process, depending on customer needs."

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?