Threat Level: green Handler on Duty: Russ McRee

SANS ISC: New Exploit for HTML Help Workshop vulnerability SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New Exploit for HTML Help Workshop vulnerability
Only 5 days after the release of the vulnerability, two exploits are on the street.  Both exploits, tested on WINXP SP2, will give the attacker the ability to run code of her or his choosing on the compromised machine.  As of this writing, a patch has not been made available, as far as we know.

Windows XP SP2 is not vulnerable in its default configuration. Microsoft noted that the HTML Help Workshop SDK has to be installed in order for the exploit to work. This SDK is a self contained download and at this point we are not aware of anything that would bundle this SDK. Given that is is an issue with this particular application, there is a chance that it may be exploitable on Windows versions other then XP SP2.

- Vulnerability in HTML Help Workshop SDK, which is not installed by default.
- Exploit tested on Windows XP SP2.
- Exploit may work on other platforms that have HTML Help Workshop SDK installed, but we haven't tested it yet.

Please let us know if you have this SDK installed, in particular if it came bundled with other software.

See this URL for more details:

Tony Carothers
Handler on Duty


150 Posts
ISC Handler
Feb 11th 2006

Sign Up for Free or Log In to start participating in the conversation!