Zero-day Windows bug problem worse than first thought.....

    Zero-day Windows bug problem worse than first thought.....


    Posted: 23 Aug 2010

    An unpatched problem with Windows applications is much worse than first thought, with hundreds of programs, not just 40, vulnerable to attack, a Slovenian security company said today.

    "It was a shocking surprise," said Mitja Kolsek, CEO of Acros Security. "It appears that most every Windows application has this vulnerability."

    Yesterday, American researcher HD Moore announced that he had stumbled on about 40 Windows applications with a common vulnerability, but declined to name the programs or go into detail about the bug.

    Today, Kolsek said that Acros has been digging into a new class of vulnerabilities for months, has found more than 200 flawed applications harboring more than 500 separate bugs, and reported its findings to Microsoft more than four months ago.

    In other words, the problem is much more widespread than Moore let on Wednesday.
    "We examined a bunch of applications, more than 220 from about 100 leading software vendors, and found that most every one had the vulnerability," said Kolsek. Acros built a specialized tool to help its researchers pinpoint which applications were vulnerable.

    According to Kolsek, the bug is in how most applications load and execute code libraries -- ".dll" files in Windows -- and executables, including ".exe" and ".com" files. He dubbed the class of bugs as "remote binary planting," and said the flaws could be easily exploited.

    More -
    Zero-day Windows bug problem worse than first thought, says security expert | Security Central - InfoWorld
    Posted By: JMH
    23 Aug 2010



  1. Posts : 2,686
    Windows 8.1 Pro w/Media Center 64bit, Windows 7 HP 64bit
       #1

    Security Advisory 2269637


    Microsoft has issued an advisory on this problem with information and work arounds.

    Microsoft Security Advisory (2269637): Insecure Library Loading Could Allow Remote Code Execution

    Jim
      My Computer


  2. Posts : 2,303
    Windows 7 & Windows Vista Ultimate
       #2

    People most likely to be impacted are those who use P2P file-sharing programs. Bold added to pertinent information from the Mitigating Factors in the Security Advisory:

    This issue only affects applications that do not load external libraries securely.

    For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application.
      My Computer


  3. Posts : 4,663
    Windows 7 Home Premium 64 bit
       #3

    Thanks for the heads up Jan.:)
    Put like that it sounds a pretty remote chance of getting a problem, Corrine. Think I'll stay close to home until it's fixed though.
      My Computer


  4. Posts : 2,303
    Windows 7 & Windows Vista Ultimate
       #4

    Phone Man said:
    Microsoft has issued an advisory on this problem with information and work arounds.

    Microsoft Security Advisory (2269637): Insecure Library Loading Could Allow Remote Code Execution

    Jim
    Bill Pytlovany to the rescue with a simple work around for WinPatrol PLUS users!

    Twitter / Corrine (MVP): RT @WinPatrol: WinPatrol P ...
    RT @WinPatrol: WinPatrol PLUS users add protection from DLL(CWDIllegalInDllSearch) vulnerability BillP Studios - WinPatrol Registry Monitoring Scripts
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 01:30.
Find Us