MS06-050: Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670)
Last Updated: 2006-08-08 19:36:36 UTC
by Lorna Hutcheson (Version: 1)
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1
for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
Impact: Remote Code Execution
Description: This update actually addresses two separate issues. One is the Hyperlink COM Object Buffer Overflow Vulnerability and the other is the Hyperlink Object Function Vulnerability. Each of these will be addressed seperately below.
Hyperlink COM Object Buffer Overflow Vulnerability: There is a buffer overflow in the Hyperlink Object Library which is used to handle hyperlinks. An attacker who created a malicious hyperlink could take complete control of the system. The attacker only gains the rights as the user logged on the system. Good Admins don't let users run as Administrator!
Hyperlink Object Function Vulnerability: From Microsoft: "This problem exists when the Hyperlink Object Library uses a file containing a malformed function while handling hyperlinks." This is the result of another buffer overflow in the Hyperlink Object Library. Again, the attacker only gains the rights of the user logged on the system.
Even though the severity rating of these are listed as Important, I would venture to say they are under rated and would recommend patching ASAP.