Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - Microsoft Help Centre Handling of Escape Sequences May Lead to Exploit InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft Help Centre Handling of Escape Sequences May Lead to Exploit

Published: 2010-06-10
Last Updated: 2010-06-10 21:26:08 UTC
by Deborah Hale (Version: 1)
0 comment(s)

It appears that a problem has been discovered with Microsoft Help Centre that may lead to problems for
for those who are using it. 

http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0197.html

According to the information provided by Microsoft on this issue:

"We are aware of a publicly disclosed vulnerability affecting Windows XP and Windows Server 2003.
We are not aware of any current exploitation of this issue and customers running Windows Vista,
Windows 7, Windows Server 2008, and Windows Server 2008 R2, are not vulnerable to this
issue, or at risk of attack."

Microsoft warns that the analysis from the original disclosure of the event is incomplete and the
workaround provided by Google is incomplete.  They have made recommendations for and have
given the steps to unregister the hcp protocol to protect from exploitation. See the information for
mitigation at:

 http://blogs.technet.com/b/msrc/archive/2010/06/10/windows-help-vulnerability-disclosure.aspx

Deb Hale Long Lines, LLC

0 comment(s)
Diary Archives