Vulnerabilities in Windows XP SP3漏洞在Windows XP SP3的
The 那个 third and final service pack for Windows XP第三次也是最后一次的Windows XP Service Pack is not even out the door, and security company Symantec has already warned of a security vulnerability impacting XP SP3. 甚至没有出大门,与安全厂商赛门铁克公司已经警告说,有一个安全漏洞影响XP SP3的。 With the advent of Windows Vista, Microsoft has started beating the drum of the increased security of its latest Windows client in comparison to XP SP2. 与来临的Windows Vista ,微软已经开始打鼓的提高安全性,其最新版的Windows客户端,在比较XP SP2的。 Throughout 2007, the Redmond company has offered ample proof of the fact that Vista RTM was affected by less than half the 在整个2007年,微软已提供充分证明的事实是, Vista RTM预估是受不到一半
volume of vulnerabilities in contrast to XP RTM. 货量的弱点对比到Windows XP的RTM 。 This trend seems to continue with Vista Service Pack 1 and XP SP3. 这种趋势似乎继续与Vista的Service Pack 1和XP SP3的。 The proof of concept of a new bug impacting Windows Explorer is now available in the wild, with potential exploits affecting XP SP3. 证明的概念,一个新的漏洞影响Windows档案总管现已在野生环境,与潜在的漏洞影响XP SP3的。
"The bug affects the code that parses Word documents in order to extract and display summary information (for example, document type, author, title, etc.). A malformed property record in the DocumentSummaryInformation stream of the Word document will cause Explorer to access an invalid pointer when parsing the file, causing the process to crash because of a memory access violation. In our tests we found that Microsoft Word XP, currently updated with SP3 and the latest patches, seems to be vulnerable to this bug, which causes Word to crash due to a 'divide by zero' exception," revealed “该缺陷影响的代码剖析Word文件,以便提取和显示概要信息(例如,文件类型,作者,标题,等等) 。格式错误的财产记录,在documentsummaryinformation流的Word文件会造成总管来存取一个无效的指针时,解析该文件,导致进程崩溃,因为记忆体存取违规。在我们的测试我们发现的Microsoft Word XP中,目前更新SP3和最新的补丁,似乎是脆弱的这个错误,这会导致Word崩溃的原因是'除以零'例外, “显示 Andrea Lelli安德列lelli , Symantec Security Response Engineer. ,赛门铁克安全响应中心的工程师。
According to Symantec, the bug is not Critical as it only allows for denial-of-service (DoS) attacks. 据赛门铁克的,错误是不是关键,因为它仅允许拒绝服务( DOS的)攻击。 Users browsing in Windows Explorer or attempting to open a malformed Word document will trigger the DoS exception, causing both applications to crash. 用户浏览在Windows档案总管或试图打开恶意的Word文件会触发DOS的例外,造成这两个应用程序崩溃。 Lelli stated that it is highly unlikely that an attacker will be able to execute malicious code on an affected system via exploiting the bug. lelli指出,它是极不可能的,攻击者将能够执行恶意代码对受影响的系统通过利用该缺陷。
"We took a look at the problem in the crafted proof-of-concept .doc and we think that the problem lies in the DocumentSummaryInformation container of a Word document stream. This object contains information about the document, such as the title and the author, and Windows Explorer will display this information when needed. For example, when we select a document from Explorer with the status bar visible, this information will be displayed on the status bar. This means that Explorer parses the document, reads the DocumentSummaryInformation, and parses the information stored inside," Lelli said." “我们采取了看问题,在制作的概念证明型。 doc和我们认为这个问题,关键在documentsummaryinformation货柜的Word文件流。这个对象包含文档信息,如标题和作者和Windows Explorer将显示这方面的资料,必要时。举例来说,当我们选择一个文件,从Explorer的状态栏可见,这方面的资料将显示在状态栏,这意味着Explorer的解析文件,读取documentsummaryinformation ,剖析储存的资料内, “ lelli说” 。
Via [ 通过[ Softpedia News softpedia新闻 ] ]
Written by ShaDow. 写的阴影。 Read more great feeds at is source 阅读更多伟大的饲料是来源 WEBSITE 网站
no comments 没有评论 . 。
Read more articles on 阅读更多的文章 otherSoftware othersoftware and 和 xp XP中 . 。
- [+] Digg [ + ] digg : Feature this article :特征此文章
- [+] Del.icio.us [ + ] del.icio.us : Bookmark this article :书签此文章
- [+] Furl [ + ] furl : Bookmark this article :书签此文章
