dwergs Posted September 26, 2007

From Mess.be:

Even though the recent webcam vulnerability in MSN/Windows Live Messenger was only just addressed, another exploitable bug has already surfaced. This time it's a buffer overflow error that affects the Sharing folders feature in Windows Live Messenger 8.1 (and maybe other versions) running on Windows XP. The safety of the Sharing folder feature got questioned before, but we now have a concrete example of how it can be abused.

A Spanish security expert going by the name of Lostmon Lords has discovered that an attacker can cause a Denial-of-Service (DoS) or even execute arbitrary code in Windows Live Messenger 8.1 by means of a specially crafted jpg, wmf, gif, ico or doc-file.

The attacker can "Create a sharing folder" for its victim and then put the malformed file into the physical location of that folder on his hard drive (My Computer > My Sharing Folders > victim@hotmail.com). Note that if the attacker would drag & drop the file directly into the Messenger window, his own client would crash. Considering that the victim has accepted the sharing folder, the attacker can simply click the sharing icon to crash Windows Live Messenger, or even Windows XP entirely when the process isn't terminated in time. The victim then needs to delete the sharing folder entirely to cease the exploitation.

The vulnerability was discovered on the 20th of August 2007 and reported to Microsoft on the 23rd. The company responded one day later that it will address the issue in "the next service pack". Although there have been no reports yet of actual exploitation via this method, you should note that in order to protect yourself you should avoid sharing folders with contacts you don't trust.

Slimy Posted September 26, 2007

Until they tell me 8.5 is vulnerable, this isn't really news to me. Sure it's still in beta, but if MS has it fixed already in an upcoming version, meh. I'm on Vista anyways :p Thankfully sharing folders are not enabled by default.

Rappy Veteran Posted September 26, 2007

I never really saw the point of sharing folders tho they are a big threat to your system because they open a path between you and the user you are allowing access to so I wondered when this day would come.

Pc_Madness Posted September 27, 2007

Does anyone actually use Sharing Folders? :p One of the first things I disable. :p