Home > IT, Security > It Never Fails…

It Never Fails…

April 11th, 2007 Leave a comment Go to comments

Yet again we see it happening... Patch Tuesday rolls around and suddenly we're hit by more "0-days" for Microsoft products. This time it's primarily Office, but a heap-overflow in .HLP files was also released. McAfee AVERT Labs have been doing some research into the vulnerabilities, however they haven't had much to say yet. Initially they only addressed the Office flaws but came back later to include the .HLP heap-overflow. These 4 PoCs (2 DoS and  2 overflows) were released to the Full Disclosure mailing list by muts (of BackTrack fame). This was also discussed over at heise Security. They have mentioned that there's no proof yet that these are new vulnerabilities, they may actually be related to the vulnerabilities announced by eEye.

I guess only time will tell but this could mean an increase to the number of items on the 'Missing Microsoft Patches' list.

Categories: IT, Security Tags:
  1. No comments yet.
  1. No trackbacks yet.