The Register® — Biting the hand that feeds IT

PGP app yields remote root on Windows

Patch early, patch often

See what The Register's experts have to say on application security

A curious flaw in a PGP application's handling of file names could allow an attacker to own a remote Windows machine with a malicious, encrypted archive.

File names over 200 characters in length will cause a buffer overflow, which, if exploited properly, could allow running arbitrary code on the target machine.

A typical attack would involve sending an encrypted archive to a victim via email. The archive itself would have a reasonably short name to avoid suspicion. But within it would be an encrypted file with a name exceeding 200 characters which would cause the desired overflow.

The flaw affects PGP Corporate Desktop 7.1.x. for Windows. A patch has been developed by former PGP owner Networks Associates, and is available here. ®

See what The Register's experts have to say on application security

Don’t Miss

Vulture logo with head phonesWhy Google Wave makes Tim Bray nervous

Radio Reg XML co-author on complexity and the web

open source 75Microsoft weighs next-phase in open-source support

Spring, PHP, and Apache sized up

iTunes logoiTunes minus the player: hack your Apple beats

Mac Secrets Dodge the shareware sledgehammer

OracleOracle plans cloud strategy

Exclusive Larry smells money in madness