New flaw found in XP and Windows 2000
By Jennifer Scott,
A new flaw discovered in two of Microsoft’s operating systems is leaving machines vulnerable to hack attacks.
The “moderately critical” issue was discovered by Danish security research firm Secunia in Windows 2000 and XP, although the company indicated it could affect other versions too.
In a security advisory, Secunia said: “The vulnerability is caused due to a boundary error in the "UpdateFrameTitleForDocument()" function of the CFrameWnd class in mfc42.dll. This can be exploited to cause a stack-based buffer overflow by passing an overly long title string argument to the affected function.”
“Successful exploitation may allow execution of arbitrary code.”
Secunia has claimed the solution to the bug would be to “restrict access to applications allowing user-controlled input to be passed to the vulnerable function.”
Microsoft acknowledged the concerns via its Microsoft Security Response Twitter feed and said: “We are investigating reports of a vulnerability in mfc42.dll affecting Windows 2000 and XP. Will update when we have more information.”
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Operating Systems Analysis & Insight
HP PCs back on the menu with Dellish plans
HP will be sticking with its PSG group, as it casts its net far and wide. Can it manage?
- Thin clients aren’t the future – BYOD should be
- The problems facing Windows 8
- Desktop OS tablets vs Mobile OS tablets
- Haiku: Reason to believe
- FreeBSD and the GPL
- Has Linux gained too much weight?
- Will Mac OS ever be the business platform of choice?
- Where did Microsoft go wrong with Vista?
- Web operating systems
Latest Operating Systems Reviews
Ubuntu 12.04 review
Rating: 
advertisement
Most popular
- Apple iPad 3 vs iPad 2 head-to-head review
- Dell EqualLogic PS6100XS review
- Chromebooks: What's gone wrong?
- ICO: Fines for cookie law breakers
- UK regulator shuts down Angry Birds scam
- Open source software driving cloud-based innovation
- Fujitsu targets enterprises with Android ICS tablet
- IBM bans use of Siri on iPhones
- Dell PowerEdge R820 review
- BlackBerry 7 OS certified to carry 'Restricted' UK government information
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
