All the latest UK technology news, reviews and analysis
|
|
|
19 Sep 2007
A new zero-day flaw has been reported in a system component of Microsoft's Windows XP.
Experts warned that, depending on the way in which the attack is conducted, the flaw could allow an attacker to execute code on a target system.
The vulnerability lies in two Windows components known as MFC42 and MFC71 which are part of the Windows API that is used by virtually all Windows applications to communicate with the operating system.
When the user opens a document that calls on the function, a condition could be created that leads to a crash and potentially allows an attacker to run malicious code on a user's system, according to Secunia.
There is currently no fix for the vulnerability, although Secunia said that the only applications known to access the components are HP's Photo & Imaging Gallery 1.1 and version 2.1 of the software/driver installer for HP's All-In-One series.
Secunia credited the discovery of the flaw to researcher Jonathan Sarba of the GoodFellas Security Research Team.
The group claimed to have notified Microsoft about the flaw on 21 June, but that it was not until earlier this month that the company acknowledged that it was working on a fix.
A Microsoft spokesperson would not directly comment on the report, but did tell vnunet.com that the company is looking into "new public claims of a possible vulnerability in Microsoft Windows".
Secunia classifies the vulnerability as 'moderately critical', the third of its five alert levels.
Administrators looking to minimise risk from the flaw should block user access to applications that use the vulnerable MFC components.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Sneak peek at the forthcoming glass-based machine
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Systems Analysis Project Lead - UML, Agile, Waterfall...
IT Business Analyst - ISEB, PRINCE2 - Southampton, Hampshire...
Predictive Modelling analytics - (SAS) - South-East...
iOs Developer - JEE, cocoa, Objective-C - Midlands (potential...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Massively overhyped
Firstly, while MFC 6.0 and 7.1 ship with Windows - MFC 6.0 in all versions from Windows 2000 onward and 7.1 with Windows Server 2003 - very few system components actually require these libraries. Further, the article is worded to suggest that all components that use the library will be vulnerable which is not the case - CFileFind is a utility class only, it is not used internally by MFC. Only applications which actually make use of this class - which may not be that many, the underlying system APIs are actually easier to use in my opinion - will be vulnerable, and only then if they pass user-supplied data to it, and if the next block on the heap happens to contain code that is later executed (or a pointer to code) and is at a predictable location. It has the potential to cause exploitable security vulnerabilities but this is far from a definite statement that it does. MFC 8.0 does appear to have a fix to this bug, that was presumably included in normal code review, replacing known risky functions with safer versions. I would expect that MFC 7.0 also includes the same issue, although I do not have source for that to hand (source code for MFC ships with Visual Studio).
Posted by: Mike Dimmick 19 Sep 2007