On GameFAQs: The top 10 forgotten RPGs
BNET Business Network:
BNET
TechRepublic
ZDNet
44 TalkBacks

By Matt Hines
Posted on ZDNet News: Jan 25, 2005 12:00:00 AM

Antivirus specialist GeCad Net is warning that it has found a problem with Microsoft's most recent software patch for Windows.

The Bucharest, Romania-based security service provider said that a critical patch issued by Microsoft in its MS05-001 bulletin earlier this month fails to resolve all of the security issues surrounding the HTML Help ActiveX control in Windows. Microsoft distributed the fix, along with additional security updates, to address the threat of attackers placing and executing malicious programs such as spyware on affected computers.

GeCad, which sold its antivirus software business to Microsoft in 2003, said that the patch has not addressed at least one so-called attack vector, or weakness, that could allow an exploit of the HTML Help ActiveX control vulnerability.

A Microsoft representative said Monday that the Redmond, Wash.-based company is already working to close the loophole reported by GeCad, and emphasized that the January patch had fixed the original reported problem.

"Microsoft issued an update to address a vulnerability in the HTML help control in Windows, and this update does protect against the publicly reported vulnerability," the representative said.

Moreover, the software maker disagreed that it overlooked a potential exploit with its patch. Instead, it said that the problem is a new flaw in HTML Help control that was not tackled in the update.

"Microsoft has been made aware of a publicly reported exploit of a different vulnerability than the one addressed," the representative said. "This vulnerability could be exploited in such a way as to cause the HTML Help control to execute code on a user's computer."

Microsoft did not say whether the fix would be released before its February patch bulletin.

GeCad said it is not disclosing technical details of the attack method right now for "security reasons." Microsoft has butted heads with security researchers in the past when they have disclosed information about flaws before the company has been able to patch them.

The antivirus company said the potential for attack is opened up if a computer is updated with Microsoft's Windows XP Service Pack 1 or Windows 2000 Service Pack 4, along with the most recent security patches. It also noted that updating with Microsoft's Windows XP Service Pack 2 seems to prevent the problem.

In 2003, Microsoft purchased GeCad Software, GeCad's antivirus software development business, but the remaining company continues to operate as a security researcher and consultancy. Microsoft is expected to release its own antivirus software sometime later this year.

SponsoredWhite Papers, Webcasts, and Downloads

  • Talkback
  • Most Recent of 44 Talkback(s)
The actual code? Maybe not...
... but it certainly shows flaws in the overall design and the conceptual way MS approaches it. I've been using Windows 95 and later for years and hacking the registry to get things done or fix thing... (Read the rest)
Posted by: mds_z Posted on: 01/28/05 You are currently: a Guest | | Terms of Use
Man, nothing but excuses. They should be thankfull that people are helping.  DonnieBoy | 01/24/05
Hardly.  ShadeTree | 01/25/05
The codebase is the problem ...  George Mitchell | 01/24/05
Every time there is another flaw reported...  ShadeTree | 01/24/05
Different: This is a flaw in the patch for the flawed OS  Xunil_Sierutuf | 01/24/05
Wrong!  ShadeTree | 01/24/05
So what you're saying is the patch is flawed. (nt)  Letophoro | 01/24/05
The patch fixed the problem...  ShadeTree | 01/25/05
The patched fixed the problem?  nucrash | 01/25/05
A new flaw  ShadeTree | 01/25/05
The flaw is in my reading.  nucrash | 01/25/05
Actually, the flaw is in Shadetree's reading ability  mds_z | 01/28/05
So, you can't write good code? All created equally bad??  DonnieBoy | 01/24/05
Since the code is proprietary...  ShadeTree | 01/25/05
We can only comment on what we see, and what we see looks very bad.  DonnieBoy | 01/25/05
You are aware...  ShadeTree | 01/25/05
Missing logic here  IT_User | 01/25/05
Not my conclusion.  ShadeTree | 01/25/05
Use some common sense  voska | 01/25/05
It is complex because...  ShadeTree | 01/25/05
Partially correct ...  George Mitchell | 01/25/05
So yuor arguement is...  ShadeTree | 01/25/05
Of course one can have their cake and eat it to ...  George Mitchell | 01/26/05
Then apparently you aren't paying attention  IT_User | 01/24/05
Nicely Done!  Mack DaNife | 01/25/05
Supposition!  ShadeTree | 01/25/05
I pick it up from Microsoft Press  nucrash | 01/25/05
So an author who is published by Microsoft Press...  ShadeTree | 01/25/05
Steve McConnell  IT_User | 01/25/05
So it's spaggetti code  voska | 01/25/05
The Windows architecture is well known by all ...  George Mitchell | 01/25/05
Your arguements do not hold water  ShadeTree | 01/25/05
Spin it as you like ...  George Mitchell | 01/25/05
The actual code? Maybe not...  mds_z | 01/28/05
And, the problem for MS? The bad code also provides lock-in.  DonnieBoy | 01/24/05
So Anton  Richard Flude | 01/24/05
My rep has the right idea:  Mike Cox | 01/24/05
Glad see you back in rare form 9.5  Squawkbox | 01/24/05
9  CobraA1 | 01/24/05
7.5 ..... you sound bored  DarbyOhara | 01/25/05
Read our lips - an exploit is an exploit is an exploit  CobraA1 | 01/24/05
Too bad the code is open for millions of eyes to see  FilledOut | 01/25/05
Son of a patch...  boomslang_z | 01/25/05
Oh, the fine print...XPSP2 not affected  Big Steve_z | 01/27/05

What do you think?

advertisement
advertisement

White Papers, Webcasts, and Downloads

Enterprise Applications

  • Check out some of the easiest and most powerful ways to boost productivity while saving money on your application infrastructure. See ZDNet's comprehensive Enterprise Application resource center, now!
  • New Online Dashboard
  • Read about top issues IT decision-makers face every day, plus get cost effective solutions to real life IT problems. Oracle Topline