Flaws - Exploit Code Out for Explorer Flaw - eWeek Security Watch

Exploit Code Out for Explorer Flaw

Written By
Lisa Vaas
Mar 8, 2007

Researchers are fuzzy about the impact of a flaw discovered in Microsoft Windows Explorer, but US-CERT’s advisory said there’s exploit code out there for it.

At issue is Windows Explorer’s failure to properly handle malformed Office documents. Although researchers aren’t clear about the implications, the advisory said that it may allow an attacker to take over a system and execute arbitrary code. Crashing Windows Explorer is the least of the woes the flaw could cause, US-CERT says.

The flaw is a memory corruption vulnerability in a library Windows Explorer uses to parse a document’s summary without having to open the document itself. Information such as line count, for example, can be gleaned from the summary. The flaw can be triggered by accessing a specially crafted document or the folder containing such a document.

There’s no solution at this point. A Microsoft spokesperson said the company is aware of the report, is investigating the issue and will issue a security advisory or patch if it’s warranted. No attacks have been reported, and Microsoft hasn’t heard of any customer impact, the spokesperson said.

Until a fix is available, US-CERT recommends these workarounds to lessen the danger of exploitation:

“Do not access untrusted Office documents: Do not access unfamiliar or unexpected Office documents, particularly those hosted on Web sites or delivered as e-mail attachments. See US-CERT’s Cyber Security Tip ST04-010 for more on this.

Do not rely on file name extension filtering: In most cases, Windows will call Office to open a document even if the document has an unknown file extension. For example, if document.qwer contains the correct file header information, Windows will open document.qwer with the appropriate Office application. Filtering for common extensions (e.g., .doc, .xls and .ppt) will not detect all Office documents.”
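The second workaround can be shown in code. The sketch below is an added example, not part of the US-CERT advisory or of Microsoft's guidance: it classifies files by their header bytes instead of their names, which is how a renamed file such as document.qwer gets caught. It assumes the legacy binary Office formats, whose OLE2 compound file signature is `D0 CF 11 E0 A1 B1 1A E1`; the function names and sample files are constructed for illustration.

```python
import os
import tempfile

# Signature of the OLE2 compound file format used by .doc, .xls and .ppt.
OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")
FILTERED_EXTS = {".doc", ".xls", ".ppt"}  # what an extension filter would catch

def classify(path):
    """Classify one file by its header bytes, not by its name."""
    try:
        with open(path, "rb") as f:
            head = f.read(len(OLE2_MAGIC))
    except OSError:
        return "unreadable"  # report it; never assume an unread file is clean
    ext = os.path.splitext(path)[1].lower()
    if head == OLE2_MAGIC:
        # Header says Office: the extension only decides whether a
        # name-based filter would have noticed it.
        return "office" if ext in FILTERED_EXTS else "office-disguised"
    return "mislabeled" if ext in FILTERED_EXTS else "other"

def scan(root):
    """Walk root and return {relative path: verdict} for every file."""
    results = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            results[os.path.relpath(full, root)] = classify(full)
    return results

def build_samples(root):
    """Write constructed sample files; only the 8-byte signature is real."""
    samples = {
        "report.doc": OLE2_MAGIC + b"\x00" * 504,
        "document.qwer": OLE2_MAGIC + b"\x00" * 504,  # renamed Office file
        "notes.doc": b"plain text with a .doc name",
        "tiny.bin": b"\xd0\xcf",  # shorter than the signature
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as f:
            f.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_samples(tmp)
        for path, verdict in sorted(scan(tmp).items()):
            print(f"{verdict:17} {path}")
```

The check reads only the first eight bytes and never parses the document, so it does not exercise the summary-parsing code the advisory describes.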

Microsoft said that any customers who believe they are affected can contact Product Support Services. In North America, the toll-free number for Microsoft’s PC Safety line is 1-866-PCSAFETY. International customers can use any method to contact Microsoft found at this location: http://support.microsoft.com/security.

*Note: This post was updated to include Microsoft’s input.
