Latest patched Windows exploit is a golden oldie
section: windows, for your questions: KezNews forum, 9.9.2008
We've seen Microsoft patch vulnerabilities in Windows that we swear we'd seen before, and sometimes they all look so much alike that they tend to run together. But this one really is a classic: a buffer overrun triggered by a fake image file.
Who can forget the tumultuous days of 2004, when what was then considered a major threat to Windows loomed large: a way to easily trigger a buffer overrun in GDI+, Microsoft's once-improved Graphics Device Interface library? While patches were finally distributed that September, it seemed the company's eventual solution -- a completely new graphics foundation, WPF -- couldn't come too soon.
Four years later, the possibility of an uncontrolled exploit to GDI+ -- still a principal 2D graphics library in Windows -- apparently remains imminent. So perhaps the most important security fix in this month's Patch Tuesday from Microsoft includes a new patch for GDI+, to address possible buffer overrun exploits that can be triggered using maliciously crafted GIF, BMP, Windows Metafile (WMF), and Enhanced Metafile (EMF) images, as well as Vector Markup Language (VML) images that include gradients.
"The vulnerability is caused by a heap-based buffer overrun when GDI+ improperly processes gradient sizes handled by the vector graphics link library," reads Microsoft's bulletin this morning.
The September 2004 exploit is looked upon as the textbook example of the heap-based buffer overrun principle, though in this case involving JPEG images. In low-level programming, there are two types of storage buffers for the data that a program may need to use. A pointer keeps track of which item is the next to be recalled, and a "pop" instruction pulls that item from memory. For a stack, data is written to memory in such a way that the first item in becomes the last item out. A heap works differently, more like a stack of papers on one's desk: the first item in becomes the first item out.
The heap situation is said to be a little easier to exploit because whatever memory element can trigger the overflow can be added first and exploited immediately. Still, that doesn't explain why it took four years to realize that the same technique a maliciously crafted JPEG file would use to overflow a buffer could also be used by a GIF file or a WMF file.
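The following is an added example, not code from the article, Microsoft, or GDI+: a hardened C parser showing one common form of heap-based buffer overrun in image parsers, where a size declared inside the file is used to fill a heap buffer. The record layout, `parse_gradient`, `MAX_STOPS` and the sample bytes are constructed for illustration and do not represent the VML or GDI+ formats.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_STOPS 16u /* assumed capacity of the heap buffer, in stops */
#define STOP_SIZE 4u  /* constructed format: one RGBA colour per stop */

typedef struct { uint16_t count; uint8_t *stops; } gradient_t;

/* Constructed records: 2-byte little-endian stop count, then colour data. */
static const uint8_t SAMPLE_OK[] = {0x02, 0x00, 255, 0, 0, 255, 0, 0, 255, 255};
static const uint8_t SAMPLE_OVERSIZED[] = {0xFF, 0xFF, 0, 0, 0, 0}; /* claims 65535 stops */
static const uint8_t SAMPLE_TRUNCATED[] = {0x03, 0x00, 1, 2, 3, 4}; /* claims 3, carries 1 */

/* Returns 0 on success, -1 if the record is rejected. */
int parse_gradient(const uint8_t *in, size_t len, gradient_t *out)
{
    if (in == NULL || out == NULL || len < 2)
        return -1;
    uint16_t count = (uint16_t)(in[0] | (in[1] << 8));
    size_t need = (size_t)count * STOP_SIZE;

    /* Check 1: the declared count must fit the fixed-size heap buffer.
     * Without it, the memcpy below writes past the end of the allocation. */
    if (count > MAX_STOPS)
        return -1;
    /* Check 2: the declared count must fit the bytes actually supplied,
     * otherwise the copy reads past the end of the input. */
    if (need > len - 2)
        return -1;

    out->stops = malloc(MAX_STOPS * STOP_SIZE);
    if (out->stops == NULL)
        return -1;
    memcpy(out->stops, in + 2, need);
    out->count = count;
    return 0;
}

void free_gradient(gradient_t *g) { free(g->stops); g->stops = NULL; g->count = 0; }

int main(void)
{
    gradient_t g = {0, NULL};
    printf("ok: %d\n", parse_gradient(SAMPLE_OK, sizeof SAMPLE_OK, &g));
    free_gradient(&g);
    printf("oversized: %d\n", parse_gradient(SAMPLE_OVERSIZED, sizeof SAMPLE_OVERSIZED, &g));
    printf("truncated: %d\n", parse_gradient(SAMPLE_TRUNCATED, sizeof SAMPLE_TRUNCATED, &g));
    return 0;
}
```

Both checks run before any allocation or copy, so a rejected record never touches the heap buffer.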
source: betanews.com