Feeds

Windows HyperTerminal surrenders your box

Unchecked buffer week

  • alert
  • submit to reddit

Intelligent flash storage arrays

Microsoft issued its third security bulletin for the week on Friday, this time reporting an unchecked buffer susceptible to an overrun attack in the ubiquitous HyperTerminal Telnet/serial client which cheerfully sets itself up as the default during Windows installation.

A maliciously-crafted Telnet URL can be used to trigger a buffer overrun, which in turn would enable an attacker to run arbitrary code on a machine with the victim's level of permission. A malicious HTML page exploiting the hole could easily be circulated via e-mail.

Another issue resides in code that processes session files, which enable HyperTerminal users to specify parameters such as the connection method and the destination host, Microsoft says.

Thus if a user opened a maliciously-crafted session file, it too would trigger the buffer overrun.

Because the flaw is specific to the utility, not the OS, an exploit can easily be developed to attack all Win machines running HyperTerminal without individual modifications for the several flavors of Windows in circulation.

Windows 98, 98SE, ME, NT, and 2K are all vulnerable, though in the case of 2K, HyperTerminal is not automatically installed as the default client.

Since Win95 is no longer supported, we're uncertain whether its edition of HT is affected, but chances are it's vulnerable too. There's no 95 patch, and there won't be. Didn't you know you were supposed to buy a 98 upgrade ages ago?

It's been a rough week for Redmond security. On Tuesday we learned of a Word macro vulnerability; on Thursday a Windows Media Player vulnerability; and Friday the HyperTerminal matter, all of which are exploitable in highly destructive ways.

Friday's hole is related to but not the same as a vulnerability reported back in October, so HyperTerminal users need to install fresh patches. The one issued previously is not adequate protection.

HyperTerminal is made by software outfit Hilgraeve. ®

Related Links

Win98, 98SE patch
WinME patch
Win2K patch

Intelligent flash storage arrays

More from The Register

next story
Nexus 7 fandroids tell of salty taste after sucking on Google's Lollipop
Web giant looking into why version 5.0 of Android is crippling older slabs
Be real, Apple: In-app goodie grab games AREN'T FREE – EU
Cupertino stands down after Euro legal threats
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
Bada-Bing! Mozilla flips Firefox to YAHOO! for search
Microsoft system will be the default for browser in US until 2020
Facebook, working on Facebook at Work, works on Facebook. At Work
You don't want your cat or drunk pics at the office
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
The Heartbleed Bug: how to protect your business with Symantec
What happens when the next Heartbleed (or worse) comes along, and what can you do to weather another chapter in an all-too-familiar string of debilitating attacks?
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.