Latest patched Windows exploit is a golden oldie


section: windows, for your questions: KezNews forum, 9.9.2008


We've seen Microsoft patch vulnerabilities in Windows that we swear we'd seen before, and sometimes they all look so much alike that they tend to run together. But this one really is a classic: a buffer overrun triggered by a fake image file.

Who can forget the tumultuous days of 2004, when what was then considered a major threat to Windows loomed large: a way to easily trigger a buffer overrun in GDI+, Microsoft's once-improved Graphics Device Interface library? While patches were finally distributed that September, it seemed the company's eventual solution -- a completely new graphics foundation, WPF -- couldn't come too soon.

Four years later, the possibility of an uncontrolled exploit to GDI+ -- still a principal 2D graphics library in Windows -- apparently remains imminent. So perhaps the most important security fix in this month's Patch Tuesday from Microsoft includes a new patch for GDI+, to address possible buffer overrun exploits that can be triggered using maliciously crafted GIF, BMP, Windows Metafile (WMF), and Enhanced Metafile (EMF) images, as well as Vector Markup Language (VML) images that include gradients.

"The vulnerability is caused by a heap-based buffer overrun when GDI+ improperly processes gradient sizes handled by the vector graphics link library," reads Microsoft's bulletin this morning.

The September 2004 exploit is regarded as the textbook example of the heap-based buffer overrun principle, though that one involved JPEG images. In low-level programming, there are two types of storage buffers for the data that a program may need to use. A pointer keeps track of which item is the next to be recalled, and a "pop" instruction pulls that item from memory. For a stack, data is written to memory in such a way that the first item in becomes the last item out. A heap works differently, more like a stack of papers on one's desk: the first item in becomes the first item out.

The heap situation is said to be a little easier to exploit because whatever memory element can trigger the overflow can be added first and exploited immediately. Still, that doesn't explain why it took four years to realize that the same technique a maliciously crafted JPEG file would use to overflow a buffer could also be used by a GIF file or a WMF file.
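To make the bug class behind this patch concrete, here is an added example in C (not Betanews' or Microsoft's code, and not the real GDI+ or VML format): a parser for a constructed gradient record whose header declares how many colour stops follow, written so that the declared count is checked against both the heap buffer's capacity and the bytes actually present before anything is copied. The record layout, the `MAX_STOPS` limit and the function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical gradient record, constructed for this example (not the real
 * GDI+/VML format): a 2-byte little-endian stop count, then 4 bytes per stop
 * (position, r, g, b). The parser stores stops in a fixed-size heap array. */
#define MAX_STOPS 8
typedef struct { uint8_t pos, r, g, b; } GradientStop;

/* Number of stops the header claims, or -1 if there is not even a header. */
static int declared_stops(const uint8_t *buf, size_t len) {
    if (len < 2) return -1;
    return buf[0] | (buf[1] << 8);
}

/* Bytes that a parser trusting the header outright would write past a
 * MAX_STOPS-entry heap buffer. Computed only, never performed; 0 = fits. */
size_t overrun_bytes_if_trusted(const uint8_t *buf, size_t len) {
    int n = declared_stops(buf, len);
    if (n < 0 || (size_t)n <= MAX_STOPS) return 0;
    return ((size_t)n - MAX_STOPS) * sizeof(GradientStop);
}

/* Hardened parser: validates the declared count against the destination
 * capacity and the source length before the copy. Returns stops copied
 * into *out (caller frees), or -1 without touching *out on malformed input. */
int parse_gradient(const uint8_t *buf, size_t len, GradientStop **out) {
    int n = declared_stops(buf, len);
    if (n < 0 || (size_t)n > MAX_STOPS) return -1;             /* destination bound */
    if ((size_t)n * sizeof(GradientStop) > len - 2) return -1; /* source bound */
    GradientStop *stops = calloc(MAX_STOPS, sizeof *stops);
    if (!stops) return -1;
    memcpy(stops, buf + 2, (size_t)n * sizeof *stops);
    *out = stops;
    return n;
}

int main(void) {
    /* Constructed inputs: a 2-stop gradient, and a header claiming 1000 stops. */
    const uint8_t good[] = {2, 0, 0, 255, 0, 0, 255, 0, 0, 255};
    const uint8_t bad[]  = {0xE8, 0x03, 1, 2, 3, 4};
    GradientStop *s = NULL;
    printf("good: %d stops\n", parse_gradient(good, sizeof good, &s));
    printf("bad: %d (unchecked copy would overrun by %zu bytes)\n",
           parse_gradient(bad, sizeof bad, &s), overrun_bytes_if_trusted(bad, sizeof bad));
    free(s);
    return 0;
}
```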

source: betanews.com
