Jump to content

40 Windows apps affected by critical security flaw, researcher claims


Recommended Posts

A Texas-based researcher claimed he had discovered that about 40 different Windows apps, including the Windows shell, suffer from a critical vulnerability that could open up users to attacks by hackers. The flaw was originally discovered in iTunes for Windows, and was patched by Apple four months ago with iTunes 9.1.

Rapid7 chief security officer HD Moore detailed his findings to Computerworld in an interview on Wednesday. He said a wide range of applications are affected, and it was found while looking into another flaw involving Windows shortcuts, which Microsoft patched in an emergency update.

The flaw exists in how the programs handle malformed DLLs. While the methods to trigger the hole differ slightly from application to application, execution causes the hole to open which allows the hacker to execute arbitrary code and/or install malware on the infected machine.

View the full article

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...