Appear malicious code to attack Windows Help error

Microsoft said it was investigating more about the recently discovered Windows Help file security vulnerability and warned that the attack malicious code had appeared on the Internet.

In fact, this error was discovered by McAfee and announced to Microsoft from April 11 along with three other zero-day errors in Office. Shortly after, Microsoft voiced the denial of three zero-day errors and issued a warning about Windows Help errors.

File errors named Windows Help are actually a buffer overflow security error. This error exists in Windows XP, Windows Server 2003, Windows NT and Windows 2000.

Security firm Security Focus says this error arises when the Help File Viewer application cannot perform memory boundary checks before copying data to the cache. An error occurs if the application must handle a malicious Windows Help file.

" If you successfully exploit a security breach, you can gain the right to execute code on a system that is at fault. If that fails, they also cause a denial of service ," Security Focus said. .

A Microsoft spokesperson confirmed that the company is investigating this vulnerability and confirmed that Microsoft has always considered the Windows Help file to be a similar "exe" dangerous format. The company recommends that users not open these files if they are sent from an unknown source.

Speaking on his blog, Hon Lau - an expert of Security Response Team of Symantec - said there were no attacks targeted at the Windows Help and spread widely.

However, Mr. Lau also said that there appeared malicious code called Bloodhound.Exploit.135 capable of attacking Windows Help errors. This malicious code has been distributed on the Internet.

Hoang Dung