November 29, 2005 2:53 PM PST
Code exploits Windows flaw in image file handling
Computer code posted Tuesday can crash vulnerable Windows machines by exploiting a "critical" Windows flaw disclosed by Microsoft earlier this month.
The exploit code takes advantage of a flaw in the way Windows handles certain graphics files. Microsoft provided a patch in November with security bulletin MS05-053 and warned that the vulnerability could create an opening for spyware and Trojan horse attacks.
"Microsoft is aware that detailed exploit code has been published on the Internet for the vulnerability that is addressed by Microsoft security bulletin MS05-053," a company spokeswoman said Tuesday. Microsoft is not aware of any attacks that use the code, she said. The code was posted on various security Web sites.
"Initial investigation of this exploit code has verified that successful exploitation could lead to a denial-of-service attack...not remote code execution," the Microsoft spokeswoman said. With a denial-of-service attack a computer would crash, while remote code execution would mean the attacker has full control over a PC.
The MS05-053 update fixes bugs in the way Windows renders the Windows Metafile and Enhanced Metafile image formats. Microsoft tagged the patch "critical" for all its current operating system versions. The company said that to exploit the flaws, an attacker could craft an image and trick a Windows user into looking at it on a spoof Web site or in an HTML e-mail, for example.
The public release of the exploit code for the image handling flaw comes just days after computer code that takes advantage of another Windows flaw was posted to the Web. The public posting of exploit code could be a sign that an attack is coming, security experts have said.
Microsoft has urged all customers to apply the most recent security updates to protect their systems.
1 commentJoin the conversation! Add your comment