Feeds

Windows HyperTerminal surrenders your box

Unchecked buffer week

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Microsoft issued its third security bulletin for the week on Friday, this time reporting an unchecked buffer susceptible to an overrun attack in the ubiquitous HyperTerminal Telnet/serial client which cheerfully sets itself up as the default during Windows installation.

A maliciously-crafted Telnet URL can be used to trigger a buffer overrun, which in turn would enable an attacker to run arbitrary code on a machine with the victim's level of permission. A malicious HTML page exploiting the hole could easily be circulated via e-mail.

Another issue resides in code that processes session files, which enable HyperTerminal users to specify parameters such as the connection method and the destination host, Microsoft says.

Thus if a user opened a maliciously-crafted session file, it too would trigger the buffer overrun.

Because the flaw is specific to the utility, not the OS, an exploit can easily be developed to attack all Win machines running HyperTerminal without individual modifications for the several flavors of Windows in circulation.

Windows 98, 98SE, ME, NT, and 2K are all vulnerable, though in the case of 2K, HyperTerminal is not automatically installed as the default client.

Since Win95 is no longer supported, we're uncertain whether its edition of HT is affected, but chances are it's vulnerable too. There's no 95 patch, and there won't be. Didn't you know you were supposed to buy a 98 upgrade ages ago?

It's been a rough week for Redmond security. On Tuesday we learned of a Word macro vulnerability; on Thursday a Windows Media Player vulnerability; and Friday the HyperTerminal matter, all of which are exploitable in highly destructive ways.

Friday's hole is related to but not the same as a vulnerability reported back in October, so HyperTerminal users need to install fresh patches. The one issued previously is not adequate protection.

HyperTerminal is made by software outfit Hilgraeve. ®

Related Links

Win98, 98SE patch
WinME patch
Win2K patch

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Netscape Navigator - the browser that started it all - turns 20
It was 20 years ago today, Marc Andreeesen taught the band to play
Sway: Microsoft's new Office app doesn't have an Undo function
Content aggregation, meet the workplace ... oh
Sign off my IT project or I’ll PHONE your MUM
Honestly, it’s a piece of piss
Return of the Jedi – Apache reclaims web server crown
.london, .hamburg and .公司 - that's .com in Chinese - storm the web server charts
NetWare sales revive in China thanks to that man Snowden
If it ain't Microsoft, it's in fashion behind the Great Firewall
Chrome 38's new HTML tag support makes fatties FIT and SKINNIER
First browser to protect networks' bandwith using official spec
Admins! Never mind POODLE, there're NEW OpenSSL bugs to splat
Four new patches for open-source crypto libraries
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.