New Vulnerability in Windows Help Files

Just in time to coincide with Microsoft Tuesday Patches, another new vulnerability is released to the world. This time the vulnerability was found in Windows Help (.hlp) files. This flaw enables an attacker to make use of a heap overflow in order to achieve arbitrary code execution.

Symantec Security Response have analyzed a sample of the proof-of-concept code and have released the Bloodhound.Exploit.135 detection to proactively detect potential threats that utilize the vulnerability. Symantec Security Response Weblog: New Vulnerability in Windows Help Files

Linked by shanmuga Friday, 13th April 2007 1:18AM