Thrird party fix issued for new severe Vista bug
Security experts of Australian firm discovered new vulnerability in
Windows Vista Device IO Control (iphlpapi.dll). Details on this flaw
were posted to bugtraq on last week. It was confirmed that
vulnerability affects both Vista Enterprise & Vista Ultimate 32 bit
& 64 bit. Windows XP is not vulnerable.
Microsoft hasn't yet responded to this issue, and many experts think that this vulnerability is not going to be fixed until next service pack. In order to successfully exploit this vulnerability, the attacker has to be member of the Network Configuration Operators group or the Administrators group.
Since this buffer overflow corrupts kernel memory, it could be possible that members of the Network Configuration Operator group exploit this and take control over the operating system. The sample proof-of-concept code developed by phion uses route-add commond to trigger the vulnerability.
Since there is no official patch available to correct this issue, unofficial workaround has been developed by phion. You can download it here.
Generaly speaking it's not recommended to install third party
updates/fixes/patches, cause it can trigger unnecessary side effects
and disturb stability of running applications. But it's up to you to
decide whether install it or not.
Posted at 02:38PM Nov 25, 2008 by admin in Security | Комментарии[1]
опубликовал Peter November 28, 2008 at 04:28 PM EST #