|
|
|
 |
Vulnerability Note VU#468227Microsoft Vista and Server 2008 vulnerable to memory corruption via saved searchOverviewMicrosoft Windows Vista and Server 2008 contain a memory corruption vulnerability when saving a specially crafted search file. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.I. DescriptionIn Windows Vista and Server 2008, users can save searches as a search folder that is generated by a .search-ms XML file. Microsoft Windows fails to properly parse .search-ms files, which can result in memory corruption.II. ImpactBy convincing a user to save a specially crafted search specified by a .search-ms file, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system.III. SolutionApply an updateThis vulnerability is addressed in Microsoft Security Bulletin MS08-075. This bulletin also includes several workarounds, including changing the file association for .search-ms files and denying the ability to save searches.
Referenceshttp://www.microsoft.com/technet/security/Bulletin/ms08-075.mspx Thanks to Andre Protas of eEye for reporting this vulnerability. This document was written by Will Dormann.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||