'Fully Patched' Microsoft Windows XP, 2000 Still Vulnerable To Attack
The Windows vulnerability, which Secunia rates as "moderately critical" is the result of a boundary error in the "UpdateFrameTitleForDocument()" function of the CFrameWnd class in mfc42.dll. The vulnerability can be exploited to cause a stack-based buffer overflow error, which occurs by passing an overly long title string argument to the vulnerable function.
If exploited, the vulnerability can open the door for hackers to launch remote code execution attacks, aimed at taking control of a user's computer and stealing sensitive data, typically through social engineering schemes.
Specifically, the vulnerability is confirmed in fully patched versions of Windows 2000 Professional SP4 and Windows XP SP2/SP3, although other versions may also be affected.
In addition, the PowerZip version 7.2 Build 4010 was also found to be an attack vector exploiting the flaw, the Secunia advisory states.
Thus far, Microsoft has yet to release a patch fixing the error, and has not yet issued an advisory warning users about the flaw. Until then, Secunia recommends that users restrict access to applications that allow user-controlled input to be passed to the vulnerability.