The HTML Help facility in Windows includes an ActiveX control that provides much of its functionality. One of the functions exposed via the control contains an unchecked buffer, which could be exploited by a Web page hosted on an attacker's site or sent to a user as an HTML mail. An attacker who successfully exploited the vulnerability would be able to run code in the security context of the user, thereby gaining the same privileges as the user on the system.
A second vulnerability exists because of flaws associated with the handling of compiled HTML Help (CHM) files that contain shortcuts. Because shortcuts allow HTML Help files to take any desired action on the system, only trusted HTML Help files should be allowed to use them. Two flaws allow this restriction to be bypassed. First, the HTML Help facility incorrectly determines the Security Zone in the case where a Web page or HTML mail delivers a CHM file to the Temporary Internet Files folder and subsequently opens it. Instead of handling the CHM file in the correct zone (the one associated with the Web page or HTML mail that delivered it), the HTML Help facility incorrectly handles it in the Local Computer Zone, thereby considering it trusted and allowing it to use shortcuts. Second, this error is compounded by the fact that the HTML Help facility doesn't consider what folder the content resides in. Were it to do so, it could recover from the first flaw, as content within the Temporary Internet Files folder is clearly not trusted, regardless of the Security Zone it renders in.
The attack scenario for this vulnerability would be complex, and would involve using an HTML mail to deliver a CHM file that contains a shortcut, then making use of the flaws to open it and allow the shortcut to execute. The shortcut would be able to perform any action the user had privileges to perform on the system.
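The two checks described above can be modeled as a small trust decision. The following is an added example, not Microsoft's code: the function names, the `zone_fix` and `folder_check` switches, and the sample paths are constructed for illustration. It shows that either check alone denies shortcuts to a CHM file delivered from the Internet zone, which is why the folder check would have recovered from the zone error.

```python
import ntpath

LOCAL_COMPUTER = "Local Computer"
INTERNET = "Internet"
UNTRUSTED_FOLDER = "temporary internet files"  # folder named in the description

# Constructed sample paths (not taken from any real system).
SAMPLE_TIF_PATH = (r"C:\Documents and Settings\user\Local Settings"
                   r"\Temporary Internet Files\Content.IE5\ABCD1234\sample.chm")
SAMPLE_HELP_PATH = r"C:\WINNT\Help\windows.chm"


def in_untrusted_folder(path):
    """True if the file sits anywhere below a Temporary Internet Files folder.

    normpath() unifies separators and collapses ".." segments first, so the
    test is made on the real location rather than on the string as supplied.
    """
    parts = ntpath.normpath(path).lower().split("\\")
    return UNTRUSTED_FOLDER in parts[:-1]  # directory components only


def effective_zone(delivered_from_zone, zone_fix):
    """Zone the CHM file is handled in.

    Without the fix, every locally opened file is treated as Local Computer
    (the first flaw). With it, the zone of the delivering page or mail is used.
    """
    return delivered_from_zone if zone_fix else LOCAL_COMPUTER


def shortcuts_allowed(delivered_from_zone, path, zone_fix, folder_check):
    """Decide whether a CHM file may use shortcuts."""
    if folder_check and in_untrusted_folder(path):
        return False  # untrusted location wins, whatever zone it renders in
    return effective_zone(delivered_from_zone, zone_fix) == LOCAL_COMPUTER


def decision_matrix(delivered_from_zone, path):
    """Outcome for each (zone_fix, folder_check) combination."""
    return {(z, f): shortcuts_allowed(delivered_from_zone, path, z, f)
            for z in (False, True) for f in (False, True)}


if __name__ == "__main__":
    for combo, allowed in decision_matrix(INTERNET, SAMPLE_TIF_PATH).items():
        print("zone_fix=%s folder_check=%s -> shortcuts allowed: %s"
              % (combo[0], combo[1], allowed))
```
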
Supported Operating Systems:
Windows 2000