Flaw in Windows Server

Date: June 05, 2006
Source: COMPUTERWORLD
By: Jeremy Kirk

A new flaw found in Microsoft Corp.'s software could be exploited to cause a denial-of-service attack on certain applications although the bug isn't viewed as being severe.

The flaw could be exploited through a buffer overflow attack, security vendor Secunia reported yesterday. A buffer overflow occurs when excess data flows into an area of memory, spilling over so that it overwrites data in adjacent areas or causes unintended code to execute.

The problem affects the Home and Professional editions of Microsoft Windows XP Service Pack 2, and four versions of Windows Server 2003: Datacenter, Enterprise, Standard and Web edition, Secunia said in an advisory.

For the attack to occur, a user would have to be lured into visiting a malicious Web site with a long URL or else open an Internet shortcut that leads to such a site.

Microsoft said today that it was investigating the flaw and that it wasn't aware of any attacks that took advantage of it.

Original article

---

Add comment  Email to a Friend