Attackers Exploit New Zero-Day Windows Bug

InformationWeek | Windows Security | Attackers Exploit New Zero-Day Windows Bug | December 28, 2005

A new unpatched vulnerability in Microsoft Windows and an in-the-wild exploit appeared Wednesday as security firms raised their alarms to Critical. The bug is in Windows' rendering of Windows Metafile (WMF) images, a component that's been patched three times in the last two years, most recently in November by the bulletin MS05-053. The newest flaw, however, is different enough from November's that fully-patched Windows XP SP2 and Windows Server 2003 machines can be compromised. "This exploit is doing something a bit different," said Shane Coursen, a senior technical analyst with Moscow-based Kaspersky Labs. "It looks like it affects the same DLL as MS05-053, but it's not overflowing the buffer." According to Microsoft's MS05-053 bulletin, the November vulnerability was in an unchecked buffer. Microsoft would only acknowledge that it's looking into the problem, the usual response from the Redmond, Wash.-based developer to news of zero-day exploits of its software.

Technorati Tags: security, windows