NEWS FROM THE LAB - Tuesday, December 28, 2004

Windows vulnerabilities found over Christmas time
Posted by Mikko @ 09:13 GMT

We're a bit worried about the four new Windows vulnerabilities that were found during the Christmas holidays... especially since there are no current patches against them. Windows XP SP2 is immune to some - but not all of them.

These vulnerabilities could be used in future viruses - for example in massmailers.

They are:

* Windows LoadImage API vulnerability. Can be used for remote code execution through crafted bitmap (.BMP), icon (.ICO), cursor (.CUR) and animated cursor (.ANI) files.
* Animated cursor (.ANI) vulnerability that causes a system crash.
* Help file overflow that can be exploited through crafted Windows Help (.HLP) files. This vulnerability reportedly also affects Windows XP SP2.
* HTML Help Control exploit that uses a number of different vulnerabilities to bypass IE's Local Zone protections in order to run scripts on the host. SP2 is vulnerable.

At least this last exploit has already been used for dropping Trojans.

While waiting for a patch, we recommend upgrading to Windows XP SP2 and using a browser no one else is using.