Vulnerability Note VU#467036
Microsoft Help and Support Center contains buffer overflow in code used to handle HCP protocol
There is a buffer overflow in the Microsoft Help and Support Center that could permit an attacker to execute arbitrary code with SYSTEM privileges.
The Microsoft Help and Support Center is a facility within Windows to provide product help and documentation. Among other things, the Help and Support Center handles hcp protocol requests. According to Microsoft, "there is an unchecked buffer in an associated file used by the HCP protocol. This file is used by the Help and Support Center feature and is invoked automatically when HSC is launched." By convincing a user to follow a link, or to visit or view a malicious web page, an attacker can use this buffer overflow to execute arbitrary code with SYSTEM privileges. For more information, see Microsoft Security Bulletin MS03-044. This vulnerability is distinct from those disclosed in MS03-006 and MS02-060.
An attacker can execute arbitrary code with SYSTEM privileges.
Apply a patch as described in Microsoft Security Bulletin MS03-044.
Until a patch can be applied, you can limit your exposure to this vulnerability through the following steps:
These measures do not eliminate the vulnerability, but significantly reduce your exposure to it.
Systems Affected
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Microsoft Corporation | Affected | - | 16 Oct 2003 |
Our thanks to Microsoft for the information contained in their bulletin. Microsoft credited David Litchfield of NGSS for discovering the vulnerability.
This document was written by Shawn Hernan, based on information provided by Microsoft.
- CVE IDs: CAN-2003-0711
- Date Public: 15 Oct 2003
- Date First Published: 16 Oct 2003
- Date Last Updated: 16 Oct 2003
- Severity Metric: 31.64
- Document Revision: 8