A flaw in the way Microsoft Corp.'s Windows operating system handles help files could let an attacker hijack a targeted computer, security experts say.
The flaw would allow a malicious individual to supply a specially crafted Windows Help file with data that would overflow parts of a computer's memory, breaching security and allowing the attacker to run software at will on the affected machine, security software vendor Symantec Corp. said in an advisory Thursday.
The exploit would require a person to open the malicious file, but even failed attack attempts could lock up the system, according to a detailed entry on Symantec's SecurityFocus site.
CBC News Online did not find any mention of the reported vulnerability on Microsoft's own security or related technical information sites, and Microsoft spokespeople were not immediately available for comment.
Because Symantec has received no reports of attacks that make use of the weakness, the company gave the issue a "very low" risk rating — its lowest ranking on a five-point scale.
"At this point we have not seen this vulnerability actively exploited in the wild, but since there is no vendor-supplied patch available, we would urge that users continue to remain vigilant, keep your security products up to date, follow safe computing guidelines and refrain from opening .hlp files received from unsolicited or dubious sources," Symantec researcher Hon Lau wrote on Symantec's Security Response weblog Thursday.
On April 3, Microsoft rushed out a security patch to address a vulnerability in the way that its operating system handles animated cursors or pointers that had initially been regarded as a low-risk threat.
Symantec noted that it had issued an update to its anti-malware software that can detect attempts to exploit the new help file vulnerability.
The flaw affects multiple versions of Microsoft's operating system, including Windows 95, 98, 2000, ME, NT, Server 2003 and XP. The latest Vista version of Windows is not affected.
______________________________________________________________
After having a mouse hijack, we now have help files hijack.
