Security Fixes For WindowsXP and Winamp - Windows - HWzone פורומים
עבור לתוכן
  • צור חשבון

Security Fixes For WindowsXP and Winamp

Mr Gadget

נוצר על ידי Mr Gadget
ב Windows

Recommended Posts

Mr Gadget Zone Master

Mr Gadget

פורסם
פורסם

The Windows Shell is responsible for providing the basic framework of the Windows user interface experience. It is most familiar to users as the Windows Desktop, but also provides a variety of other functions to help define the user's computing session, including organizing files and folders, and providing the means to start applications.

An unchecked buffer exists in one of the functions used by the Windows Shell to extract custom attribute information from audio files. A security vulnerability results because it is possible for a malicious user to mount a buffer overrun attack and attempt to exploit this flaw.

An attacker could seek to exploit this vulnerability by creating an .MP3 or .WMA file that contained a corrupt custom attribute and then host it on a website, on a network share, or send it via an HTML email. If a user were to hover his or her mouse pointer over the icon for the file (either on a web page or on the local disk), or open the shared folder where the file was stored, the vulnerable code would be invoked. An HTML email could cause the vulnerable code to be invoked when a user opened or previewed the email. A successful attack could have the effect of either causing the Windows Shell to fail, or causing an attackers code to run on the users computer in the security context of the user.

Severity Rating: Windows XP Critical

Q329390 Patch For WinXP(32bit)

Q329390 Patch for WinXP(64bit)

(Taken from TechNet)

קישור לתוכן
שתף באתרים אחרים
Mr Gadget Zone Master

Mr Gadget

פורסם
  • מחבר
פורסם

Security Fixes For Winamp: Get The Latest And Be Protected

Some people just have too much time on their hands. Looks like someone out there discovered how to make programs crash by screwing around with the id3 tags in music files. We have taken measures to block anyone from taking advantage of you by adding a few security fixes to both Winamp 2.81 and Winamp3.

We would like to say that these builds have new features but in actuality they are the same versions of the programs that you already know and love. However, to be fully protected, we suggest that you download the latest versions of them from our site right away.

If you haven't downloaded Winamp since 12-17-2002 then you are vulnerable to the security exploit.

Go grab the new builds of Winamp3 and Winamp 2.81 now.

(Taken from Winamp.com)

קישור לתוכן
שתף באתרים אחרים

ארכיון

דיון זה הועבר לארכיון ולא ניתן להוסיף בו תגובות חדשות.

עבור לרשימת הדיונים
×
  • צור חדש...