Slashdot Mirror

← Back to Stories (view on slashdot.org)

Oops! Missed One Fix — Windows Attacks Under Way

Posted by timothy on from the don't-blame-microsoft-alone dept.

CWmike writes "Microsoft says attackers are now exploiting a critical Windows bug that it didn't get around to fixing in its biggest batch of security patches in more than five years, issued yesterday. Microsoft said that 'limited and targeted' attacks are in progress by hackers exploiting an unpatched vulnerability in the WordPad Text Converter, a tool included with all versions of Windows. If Microsoft patches the WordPad problem on its monthly schedule, the first opportunity for fixing the flaw would be Jan. 9, 2009." Update: 12/10 22:28 GMT by T : OK, there might have been more than one: reader Simon (S2) writes "There is an even more serious flaw ... From SANS: 'There is a 0-day exploit for Internet Explorer circulating in the wild. At this point in time it does not appear to be wildly used, but as the code is publicly available we can expect that this will happen very soon. This is a brand new exploit that is *not* patched with MS08-073 that was released yesterday. I can confirm that the exploit works in a fully patched Windows XP machine. The exploit is a typical heap overflow that appears to be exploiting something in the XML parser.'"

6 of 292 comments (clear)

  1. I don't understand by veganboyjosh · · Score: 4, Interesting

    How can code in the wordpad text editor leave a machine vulnerable? Can someone explain this in a way that's not super technical? Faulty code in a browser, or similar, I can understand.

    1. Re:I don't understand by cheater512 · · Score: 2, Interesting

      Is it just me or would this attack be impossible if Windows used mime types correctly.

      E.g. On Linux it generally doesnt matter what the file extension is, it always opens in the correct program due to the mime type being used to determine the program and not the file extension.

    2. Re:I don't understand by Chabil+Ha' · · Score: 2, Interesting

      Reminds me of my favorite notepad pseudo-easter egg. Type the words below in a new instance of Notepad, save it, close it, re-open it in Notepad and see what it does...

      this app can break

      --
      We're all hypocrites. We all have hidden parts, it's the contrast between them that make us more a hypocrite than others
  2. Re:WordPad? by MiniMike · · Score: 2, Interesting

    Are .rtf files now unsafe on Windows?

    .rtf? RTFA!

    Btw, the answer is yes, they are unsafe on Windows, if you want to keep them safe move your .rtf files to a Linux machine asap. But they are not vulnerable to this exploit.

  3. Re:That's good thinking... by _Sprocket_ · · Score: 4, Interesting

    Not at all. You see - exploits are only developed by analyzing patches. What you have here is a very advanced malware developer. For they had gazed on the patch and, instead of seeing the vulnerabilities being patched, they saw the one that was not. It's all very Zen.

    Actually - it's not the first time Microsoft's patch cycle has been gamed.

  4. Here's the Exploit Code by Radhruin · · Score: 2, Interesting

    Here's the exploit code referenced in the article update... The second one apparently works on Vista, too. http://www.milw0rm.com/exploits/7403 http://www.milw0rm.com/exploits/7410