Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    February 2012
    S M T W T F S
    « Jan    
     1234
    567891011
    12131415161718
    19202122232425
    26272829  
    • About Us
    Malware Blog > Microsoft Help Workshop .CNT files Buffer Overflow

    Microsoft Help Workshop is vulnerable to a remote code execution exploit while processing malformed .cnt files.

    A POC, made by porkythepig, has already been released and are already found in numerous sites like milw0rm.com.

    The Microsoft Help Workshop is not included in the default installation of Microsoft Windows, it is however a standard component of MS Visual Studio v6 and 2003 (.NET) and if .cnt files are already associated with Help Workshop all that’s needed is for the user to double click the file, so please still be on the lookout for malwares exploiting this vulnerability.

    Still, the best approach for this is user alertness, be wary of email attachments with the .cnt extension, and rather be wary of ALL email attachments especially if you’re not expecting any.





    Share this article
    		 Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon



    This entry was posted on Friday, January 19th, 2007 at 5:20 am and is filed under Uncategorized . Both comments and pings are currently closed.



    Comments are closed.



     

    Other Trend Micro blogs
    CTO Insights
    CounterMeasures Blog
    Cloud Security Blog
    Consumerization Blog
    Fearless Web
    Internet Safety for Kids & Families
    Simply Security News
    Trend Micro Blog [German]
    TrendLabs Security Blog [Japan]
    Cloud Security APAC
    Trend Micro Free Tools Threat Encyclopedia Trend Micro Videos
    Do you have a product-related question? Visit our eSupport website.

    © Copyright 2011 Trend Micro Inc. All rights reserved. Legal Notice