• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Microsoft Patches Critical Windows Help Center Vulnerability: Two Windows Bulletins Correct Flaws in Helpctr.exe and Cdd.dll

July 13, 2010 By The Editor

Summary:

  • These vulnerabilities affect: All versions of Windows XP and Server 2003, as well as the 64-bit versions of Windows 7 and Server 2008 R2
  • How an attacker exploits them: Multiple vectors of attack, including enticing your users to visit a specially crafted website
  • Impact: Various results; in the worst case, an attacker can gain complete control of your Windows computer
  • What to do: Install the appropriate Microsoft patches immediately, or let Windows Automatic Update do it for you.

Exposure:

Today, Microsoft released two Windows security bulletins describing two vulnerabilities that, combined, affect many of the currently used versions of Windows. Each vulnerability affects different versions of Windows to varying degrees. However, a remote attacker could exploit the worst of these flaws to gain complete control of your Windows PC. The summary below lists the vulnerabilities, in order from highest to lowest severity.

  • MS10-042: Windows Help and Support Center Zero Day Vulnerability

About a month ago, Tavis Ormandy, an Information Security Engineer at Google, disclosed a complicated, yet serious security vulnerability in Windows’ Help and Support Center (Helpctr.exe) to the Full-Disclosure mailing list. Essentially, the issue has to do with a security bypass vulnerability in Helpctr.exe combined with a Cross-Site Scripting (XSS) flaw in one of Windows’ default help documents. You can learn more about this flaw in our original Wire post. In short, if an attacker can lure you to a specially crafted web page or link, he can leverage these flaws to execute code on your computer, possibly gaining  full control of it. Ormandy included a Proof-of-Concept (PoC) exploit with his early disclosures, and a few days later, attackers reportedly began exploiting this flaw in the wild. For this reason, we recommend you download, test, and deploy this update as quickly as you can. This vulnerability only affects Windows XP and Server 2003.
Microsoft rating: Critical.

  • MS10-043: Canonical Display Driver Vulnerability Affects Windows x64

In May, Microsoft also released a Security Advisory about an unpatched image handling vulnerability involving the Canonical Display Driver (Cdd.dll) that ships with the 64-bit versions of Windows 7 and Server 2008 R2. We described this vulnerability in this Wire post. Basically, if an attacker can entice you to a malicious website containing a specially crafted image, or into opening such an image within an application that uses the flawed graphics APIs, he can exploit this flaw to either cause your machine to crash and reboot with a Blue Screen of Death (BSOD), or to execute code on your machine with your privileges. Since most Windows users have local administrative privileges, attackers could likely leverage this flaw to gain complete control of a victim’s PC. Today’s bulletin fixes this previously unpatched issue.
Microsoft rating: Critical.

Solution Path:

Microsoft has released patches for Windows which correct all of these vulnerabilities. You should download, test, and deploy the appropriate patches throughout your network immediately. If you choose, you can also let Windows Update automatically download and install these for you.

MS10-042:

  • Windows XP
  • Windows XP x64
  • Windows Server 2003
  • Windows Server 2003 x64
  • Windows Server 2003 Itanium
Note: This flaw does not affect any other versions of Windows.

MS10-043:

  • Windows 7 x64
  • Windows Server 2008 R2 x64
Note: This flaw does not affect any other versions of Windows.

Does My Firewall Help?

Attackers can exploit these flaws using diverse exploitation methods, including by simply tricking you into viewing a malicious image. Therefore, installing Microsoft’s updates is your most secure course of action.

Status:

Microsoft has released patches correcting these issues.

References:

  • Microsoft Security Bulletin MS10-042
  • Microsoft Security Bulletin MS10-043

Share This:

Related

Filed Under: Security Bytes Tagged With: Microsoft

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • 3CX Supply Chain Attack
  • Here Come The Regulations

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • 3CX Supply Chain Attack
  • The NSA’s Guidance on Securing Authentication
  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use