Denial-of-Service Attack Targets Windows XP

 
 
By Brian Prince  |  Posted 2007-06-07
 
 
 

A vulnerability was uncovered in the way Windows Graphics Device Interface handles icon image files that leaves systems open to denial-of-service attacks.

GDI+ is an application programming interface that allows programmers to display information on screens and printers, as well as process ICO image files.

Click here to read about which Web server distributes the most malware, according to a Google survey of 80 million domain names.

According to a security advisory by the U.S. Computer Emergency Readiness Team, the problem lies in the way the ICO parsing component of GDI+ (Gdiplus.dll) handles ICO files with a height value of zero in the InfoHeader section of the ICO file.

By fooling a user into viewing a specially crafted ICO file, a remote attacker could trigger an integer division by zero denial-of-service condition. The bug, which was uncovered by a researcher at CSIS Security Group, is known to affect Windows XP systems.

An attacker who successfully exploited the situation could cause Explorer.exe to restart. With Windows Explorer, just having the malicious file on the desktop is enough to trigger the vulnerability.

A Microsoft spokesperson said the company was aware of reports of the vulnerability.

"We have determined that this is only a stability issue that has no potential for code execution," the spokesperson said. "Microsoft is not aware of customer impact at this time. Microsoft may address the reported issue in the next Service Packs for supported platforms. This stability issue does not exist in Windows Vista."

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.

Rocket Fuel