Researchers reveal Windows buffer overflow flaw

By

Researchers last week revealed an unpatched buffer overflow bug in Windows that could allow an attacker to take control of an affected machine.


The GoodFellas Security Research Team on Friday disclosed a flaw in the FindFile function of two Windows libraries.

The FindFile class is used to manage searches across the Windows filesystem, according to an advisory released by researcher Jonathan Sarba and the GoodFellas Security Research Team.

There is no available workaround or patch for the flaw, according to an advisory from Shellcode, an Argentina-based solutions provider where Sarba is a manager and security specialist.

Sarba declined comment today, but the GoodFellas advisory said the group notified affected independent software vendors on June 20 and Microsoft a day later.

GoodFellas asked Microsoft for an update on Aug. 31, which Microsoft said on Sept. 5 was “coming soon,” according to Shellcode's advisory.

Christopher Budd, Microsoft security program manager, said today that the company is investigating reports of the flaw and will respond after the inquiry is complete.

The Redmond, Wash.-based corporation is unaware of any attacks targeting the reported vulnerability, Budd said.

Secunia, which released an advisory for the flaw on Monday, warned that the bug can be exploited to cause a heap-based buffer overflow by passing an overly long argument to an affected application.

The flaw exists on a fully patched PC running Windows XP with Service Pack 2, according to Secunia, which ranked the flaw as “moderately critical.”

The Denmark-based vulnerability monitoring organization cited two HP products that have vectors allowing exploitation: All-In-One Series web release software driver/installer version 2.1.0 and HP Photo and Imaging Gallery version 1.1.

Secunia recommended that users restrict access to affected applications and check the length of user input.

FrSIRT ranked the flaw as having “moderate risk” in an advisory released today.

Don Leatham, director of solutions and strategies at Lumention Security (formerly PatchLink), told SCMagazineUS.com today that the vulnerability is “another example of a standard buffer overflow.”

“It's a little bit concerning because it's part of the foundation class library of Windows, which you would think a lot of applications would be using,” he said. “It looks like it can definitely be used for remote code execution, as well as a local attack.”

See original article on SC Magazine US
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
bufferflawoverflowresearchersrevealsecuritywindows

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?