The GoodFellas Security Research Team on Friday disclosed aflaw in the FindFile function of two Windows libraries.
The FindFile class is used to manage searches across theWindows filesystem, according to an advisory released by researcher JonathanSarba and the GoodFellas Security Research Team.
There is no available workaround or patch for the flaw,according to an advisory from Shellcode, an Argentina-based solutions providerwhere Sarba is a manager and security specialist.
Sarba declined comment today, but the GoodFellas advisorysaid the group notified affected independent software vendors on June 20 andMicrosoft a day later.
GoodFellas asked Microsoft for an update on Aug. 31, whichMicrosoft said on Sept. 5 was “coming soon,” according to Shellcode’s advisory.
Christopher Budd, Microsoft security program manager, saidtoday that the company is investigating reports of the flaw and will respondafter the inquiry is complete.
The Redmond, Wash.-based corporationis unaware of any attacks targeting the reported vulnerability, Budd said.
The Denmark-based vulnerability monitoring organizationcited two HP products that have vectors allowing exploitation: All-In-OneSeries web release software driver/installer version 2.1.0 and HP Photo andImaging Gallery version 1.1.
Secunia recommended that users restrict access to affected applicationsand check the length of user input.
Don Leatham, director of solutions and strategies atLumention Security (formerly PatchLink), told SCMagazineUS.com today that thevulnerability is “another example of a standard buffer overflow.”
“It’s a little bit concerning because it’s part of thefoundation class library of Windows, which you would think a lot ofapplications would be using,” he said. “It looks like it can definitely be usedfor remote code execution, as well as a local attack.”