Nearly 40 different Windows applications would be affected by a critical security vulnerability.
Wednesday ACROS has released a vulnerability (some details only) affecting only the Windows version of iTunes. Nothing really noteworthy, since the discovery of the Slovenian company duly reported to Apple has already been corrected for several months (iTunes 9.1). Except that H. D. Moore responded to this publication pointing a similar problem that affects almost 40 different Windows applications including Windows Shell, the main GUI operating system from Microsoft.
The man, who is known for having founded the Metasploit project that gave birth to the famous framework for the development and implementation of codes remote exploits, however, refused to give the names of vulnerable applications. He nevertheless said that a patch will be applied individually to each of them.
According to the explanation of ACROS, in the case of iTunes, attackers can execute arbitrary code on Windows computers via the opening by the user of a media file present on the same network that shared malicious DLL. A vulnerability that can be exploited via HTTP and WebDAV.
Asked by Computerworld, HD Moore said that the attack vector is slightly different for many Windows applications, but the final result is the same with loading a malicious DLL. Pending patches , advises Windows users to block trade SMB on TCP ports 139 and 445, and disable the WebDAV client.
In threat post (Kaspersky Lab), stressed that H.D "wide range of things" are really vulnerable, "open source and commercial".
