Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

New Bug Reported In Windows Help Files

Another Microsoft vulnerability has been disclosed, along with proof-of-concept code.

The so-called heap-overflow vulnerability affects Windows help files in multiple versions of Windows XP, Windows Server 2003, Windows NT, and Windows 2000. Researchers at Security Focus reported that the Help File viewer is prone to a heap-overflow vulnerability because it fails to perform boundary checks before copying user-supplied data into insufficiently sized memory buffers.

The problem arises when the application handles a malformed or malicious Windows Help File.

"A successful attack may facilitate arbitrary code execution in the context of a vulnerable user who opens a malicious file," wrote a Security Focus researcher in an advisory. "Failed exploit attempts will likely result in denial-of-service conditions."

A Microsoft spokesman e-mailed a response to InformationWeek and said the company is investigating new public reports of a possible vulnerability in the Microsoft Help subsystem. The company's initial investigation found that the possible vulnerability would require an attacker to use a .hlp file. Microsoft considers them unsafe file types and recommends people use the same caution with .hlp files as they do with .exe, since both file types are executables.

  • 1