Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.

https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

Win32Help buffer overflow

LoLth · 2010-03-02 10:20:47

seems new vulnerabiliites arent limited to newer software :) there's a buffer overflow vulnerability in older version of windows help that allows remote code execution if the user can be convinced to press F1 while browsing a compromised website (and lets face it, a pop up alert with "press F1 to close" will do for 90% of…

02-03-2010 10:20AM

#1

LoLth

Registered Users, Registered Users 2 Posts: 10,339 ✭✭✭✭

Join Date: February 1998

Posts: 9351

seems new vulnerabiliites arent limited to newer software

there's a buffer overflow vulnerability in older version of windows help that allows remote code execution if the user can be convinced to press F1 while browsing a compromised website (and lets face it, a pop up alert with "press F1 to close" will do for 90% of internet users!)

original (public) release HERE

MS synopsis and advisory HERE

0