Cameras
Camcorders
Cell Phones
Components
Desktops
HDTV
Home Theatre
GPS
Laptops
Monitors
MP3 Players
Networking &
Printers
Storage
Antivirus company Symantec is warning its customers about a number of critical holes in Microsoft's Windows operating system. The holes, which surfaced late last week, could make Windows systems vulnerable to compromise by remote attackers.
Symantec acted after security researchers published the details of the heap overflow vulnerabilities in messages posted to online security news groups Thursday. The flaws affect most supported versions of Windows, but Microsoft has not yet issued a patch for the newly disclosed holes.
Windows users are vulnerable to Internet based attacks until patches are issued, Symantec says.
In overflow vulnerabilities, storage areas in a computer's memory are exceeded, allowing random data or malicious code to be placed on the computer.
In one instance, researchers at Venustech Security Labs described a vulnerability in a component of Windows, winhlp32.exe, that processes Help files. Attackers could launch attacks using a Help file created to trigger the overflow vulnerability, though victims would have to be tricked into downloading and opening the malicious file on their computers for it to be compromised, Symantec says.
Second Hole
Also on Thursday, Symantec warned about a second vulnerability in a Windows component called "LoadImage" that is used to load desktop icons, cursors, or bitmap images.
A flaw in the way LoadImage processes image files could allow malicious hackers to use specially crafted images to trigger an overflow and place their own code on vulnerable machines. Images that trigger the flaw could be sent in e-mail messages or downloaded from Web pages controlled by the hackers, Symantec says.
As with the Help file vulnerability, most supported versions of Windows are affected by the LoadImage flaw, including versions of Windows NT, Windows XP, Windows 2000, and Windows Server 2003, Symantec says.
While no active exploits targeting the vulnerabilities have been discovered, proof of concept code showing how both vulnerabilities work have been published on the Internet.
Symantec recommends that Windows users exercise caution when receiving and opening files from unknown sources. Organizations can defend their networks from attacks by limiting user privileges and deploying intrusion detection software to spot attacks, Symantec says.
