The HTML Help facility in Windows includes an ActiveX control that provides much of its functionality. One of the functions exposed via the control contains an unchecked buffer, which could be exploited by a Web page hosted on an attacker's site or sent to a user as an HTML mail. An attacker who successfully exploited the vulnerability would be able to run code in the security context of the user, thereby gaining the same privileges as the user on the system.
A second vulnerability exists because of flaws associated with the handling of compiled HTML Help files that contain shortcuts. Because shortcuts allow HTML Help files to take any desired action on the system, only trusted HTML Help files should be allowed to use them. Two flaws allow this restriction to be bypassed. First, the HTML Help facility incorrectly determines the Security Zone in the case where a Web page or HTML mail delivers a CHM file to the Temporary Internet Files folder and subsequently opens it. Instead of handling the CHM file in the correct zone, the one associated with the Web page or HTML mail that delivered it, the HTML Help facility incorrectly handles it in the Local Computer Zone, thereby considering it trusted and allowing it to use shortcuts. Second, and compounding the first flaw, the HTML Help facility doesn't consider what folder the content resides in. Were it to do so, it could recover from the first flaw, as content within the Temporary Internet Files folder is clearly not trusted, regardless of the Security Zone it renders in.
The attack scenario for this vulnerability would be complex, and involves using an HTML mail to deliver a CHM file that contains a shortcut, then making use of the flaws to open it and allow the shortcut to execute. The shortcut would be able to perform any action the user had privileges to perform on the system.
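The trust decision the text describes, combining the Security Zone with the folder the content resides in, as an added example that is not Microsoft's code nor the HTML Help facility's own logic: a Python model in which shortcuts are permitted only when a CHM file both renders in the Local Computer Zone and lies outside the Temporary Internet Files folder. The zone names, the profile path, and the function names are assumptions for this illustration. The comparison is done component by component on a lexically normalized path rather than by string prefix, so `..` segments and a sibling folder whose name merely starts with "Temporary Internet Files" are handled correctly.

```python
from pathlib import PureWindowsPath

# Zone labels as named in the advisory text. These are constructed constants
# for the example, not the real URLMON zone identifiers.
LOCAL_MACHINE = "Local Computer"
INTERNET = "Internet"

# Folders whose contents are never trusted, whatever zone they render in.
# The user-profile root below is an assumption for this example.
UNTRUSTED_FOLDERS = [
    r"C:\Documents and Settings\user\Local Settings\Temporary Internet Files",
]


def normalize(path: str) -> PureWindowsPath:
    """Collapse '.' and '..' segments lexically (no filesystem access) and
    lower-case each component so that comparisons are case-insensitive."""
    p = PureWindowsPath(path)
    parts = []
    for part in p.parts[1:] if p.anchor else p.parts:   # skip drive + root
        if part in ("", "."):
            continue
        if part == "..":
            if parts:
                parts.pop()
            continue
        parts.append(part.lower())
    return PureWindowsPath(p.anchor.lower(), *parts)


def is_under(path: str, folder: str) -> bool:
    """True if `path` is `folder` itself or lies anywhere beneath it.
    Component-wise comparison means 'Temporary Internet Files2' is not
    mistaken for the untrusted folder."""
    p = normalize(path)
    f = normalize(folder)
    return p == f or f in p.parents


def allow_shortcuts(zone: str, path: str) -> bool:
    """Shortcuts are permitted only for content that renders in the Local
    Computer Zone AND resides outside every untrusted folder. Checking the
    location as well as the zone is what recovers from a wrong zone decision."""
    if zone != LOCAL_MACHINE:
        return False
    return not any(is_under(path, folder) for folder in UNTRUSTED_FOLDERS)


if __name__ == "__main__":
    # Constructed sample paths for a quick demonstration.
    tif = r"C:\Documents and Settings\user\Local Settings\Temporary Internet Files\page.chm"
    traversal = r"C:\Program Files\..\Documents and Settings\user\Local Settings\Temporary Internet Files\page.chm"
    installed = r"C:\Program Files\SomeApp\help.chm"
    for zone, path in [(LOCAL_MACHINE, installed), (LOCAL_MACHINE, tif),
                       (LOCAL_MACHINE, traversal), (INTERNET, installed)]:
        print(f"{zone:15s} {path!r:90s} -> shortcuts allowed: {allow_shortcuts(zone, path)}")
```

Run as a script it prints one line per sample; the traversal case is the one a raw string-prefix check would get wrong, because `PureWindowsPath` does not collapse `..` on its own.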
Supported Operating Systems: Windows 2000