Microsoft buffer: Let’s get ready to grumble
A newly-publicized flaw in Vista’s networking system could allow hackers to attack computers using Windows itself. Microsoft is aware of the problem but won’t be issuing a fix until the next Service Pack at the earliest.
The problem affects a part of Vista named iphlpapi.dll. This affects local networking, specifically the system used to identify each individual machine on a network.
Austrian security firm Phion has discovered a bug, which makes it possible to create a buffer overflow. That involves writing a string of information that is bigger than the section of memory allocated to it; some of the data then spills over into a separate section of memory, which can cause problems.
So far the security experts have only been able to prove it’s possible to exploit this bug by screwing up the memory so much that it crashes Vista altogether. However, the bug could allow a program limited to a certain section of memory to access parts of the memory that should be strictly off-limits. In this particular case, it could even be possible for a program to gain full control over Windows.
There’s no evidence yet that any hackers have even attempted to exploit the problem, though the news will certainly give them ideas. Phion reported the problem to Microsoft on Oct. 22 and believes the firm will fix the issue in Vista Service Pack 2. However, Microsoft isn’t giving any details about when or how it will tackle the bug.
Until Microsoft fixes the problem, there aren’t any major steps individual users can take. However, it should serve as a reminder to maintain general security measures. As any exploit of this problem would probably have to gain administrator access first, it may be worth keeping an extra eye out for suspicious links in e-mails and websites. And if nothing else, it’s a reminder than User Account Control does serve a purpose other than irritating users.
Related Posts:
