本文披露了一个存在于Windows操作系统中的安全漏洞,该漏洞出现在处理带有特定标志和输入参数的MessageBox函数时,可能导致内存破坏并引发系统崩溃或挂起。文章提供了漏洞详情链接,并指出若服务使用用户提供的输入作为MessageBox函数的参数,则可能被远程利用。
Since it's already wide spread on the public forums and exploit is
published on multiple sites and there is no way to stop it, I think
it's time to alert lists about this.
On the one of Russian forums:
http://www.kuban.ru/forum_new/forum2/files/19124.html
message was published by NULL about vulnerability in Windows on
processing MessageBox() with MB_SERVICE_NOTIFICATION flag and
message/caption beggining with /??/. Vulnerability seems to be memory
corruption in kernel and causes system crash or hang after few
attempts. It seems to happen because message is logged to event log
and may point to some problem with event logs processing.
Vulnerability details and code may be found here:
http://www.security.nnov.ru/Gnews944.html
There is potential remote exploitation vector if some service uses
user-supplied input for MessageBox() function. Messenger service is
not vulnerable in this way, because it prepends user-supplied input
with additional string.
I contacted Microsoft on this issue on December, 16.
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
