Holiday worry for Windows users

New Windows security vulnerabilities have been discovered that could lead to PCs running the platform being at risk of attack, including systems running Microsoft’s XP Service Pack 2 (SP2) upgrade.

  • E-Mail
By  Matthew Wade Published  December 26, 2004

New Windows security vulnerabilities have been discovered that could lead to computers running the OS being at risk of attack, including those systems running Microsoft’s latest upgrade, XP Service Pack 2 (SP2). Three new issues have just been discovered. These were immediately reported by security newsgroups and have since been confirmed by antivirus firm Symantec. These vulnerabilities arrive at the worst time as far as fixes are concerned, as many security professionals around the world are currently off work over the holiday period. IT web site reports that one of the three Windows problems involves image handling, while the other two vulnerabilities involve Windows’ Help system (and its .hlp files), and the operating system’s ANI (Automatic Number Identification) authentication functions. The image-handling problem concerns LoadImage, a component of Windows that loads icons, cursors or bitmaps onto the desktop. An image with a malicious payload could cause what’s called a heap buffer overflow, which could result in a system being left open to exploitation. The ANI problem meanwhile is known as the ‘Windows Kernel ANI File Parsing Crash and DoS Vulnerability’ and means that if a user clicks on a link or opens a message that can load a malicious ANI file, then this file could in turn set off a denial-of-service attack. Last but certainly not least, the newly discovered Help vulnerability concerns a potential decoding error, which can occur when Help (.hlp) files are run. This type of error could again cause a heap buffer overflow, similar to the LoadImage vulnerability, possibly leaving a system open to exploitation. Computers running Windows NT, 2000 and XP (SP1 version) are vulnerable to each of the three vulnerabilities, while SP2-based systems are thought to be only affected by some aspects of the Help problem. Windows users can best protect themselves by blocking e-mail attachments that arrive with .hlp files attached and reading e-mails in plain-text format so as to stop malicious images from using Windows’ LoadImage component. Only last week security firm Trend Micro published a report claiming that 2004 was the worst year on record for virus outbreaks in the Middle East. Trend’s report also explained that most outbreaks occurred in the first quarter of the year and suggested users be particularly on their guard during the New Year, a particularly relevant warning considering the new vulnerabilities detailed here.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code