NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0091 US-CERT Warns of Exploit Code for Explorer Flaw:
Researchers are unclear about the impact of a flaw discovered in Microsoft Windows Explorer, but a US-CERT advisory has warned of the availability of exploit code for it, according to an online press report. At issue is Windows Explorer's failure to properly handle malformed Office documents. The advisory said the flaw might allow an attacker to take over a system and execute arbitrary code. Crashing Windows Explorer is the least of the woes the flaw could cause, US-CERT says.
The flaw is a memory corruption vulnerability in a library Windows Explorer uses to parse a document's summary without having to open the document itself. Information such as line count, for example, can be gleaned from the summary. Accessing a specially crafted document or the folder containing such a document can trigger the flaw.
A Microsoft spokesperson said the company is investigating the issue and will issue a security advisory or patch, if warranted. No attacks have been reported and Microsoft has not heard of any customer impact, the spokesperson said.
Until a fix is available, US-CERT recommends that users not access untrusted or unexpected Office documents, particularly those hosted on web sites or delivered as email attachments. US-CERT Cyber Security Tip ST04-010 provides more information.
(http://securitywatch.eweek.com, 08MAR07)
Last Modified: Friday, 23-Mar-2007 17:52:59 EST