LINDON, Utah--(BUSINESS WIRE)--April 23, 2001--BugNet, the world's leading supplier of software bug fixes, exposed a Windows vulnerability that allows malicious users to rewrite a Windows registry, delete files or even wipe out a hard drive.
The bug was originally demonstrated by security analyst Georgi Guninski and later validated by BugNet engineers.
The bug originates in Microsoft's Component Object Model (COM) that is built into all Windows systems since Windows 95. COM objects rely on CLSID to uniquely identify a COM object and instruct the operating system how to execute it. Using the CLSID, dangerous executables and scripts can be disguised as innocuous .TXT files.
Double-clicking on an obfuscated file will execute, not as a text file, but in whatever way the original program was written.
BugNet performed several exploits to ascertain the seriousness of this vulnerability. ``We were able to create an Excel spreadsheet with a built-in startup macro that erases files off of the hard disk,'' said Eric Bowden, general manager, BugNet. ``We created a registry merge file that granted us administrative rights on a Windows 2000 domain server. We even selectively destroyed the Windows registry.
``Despite the menacing nature of these files, they each hide innocently behind a harmless file name like README.TXT. BugNet has posted a file which demonstrates this vulnerability, http://www.bugnet.com/lab/ba010419.html
Until Microsoft creates a patch, the only protection is for the user to vigilantly check files. When browsing network files, look at the file icon to make sure that it matches the file type. Beware of any e-mail attachments that reveal the CLSID filename. Don't double-click it until you double-check it.
BugNet has become the IT industry's central clearinghouse for information on bugs, as well as the leading provider of software bug fix information. BugNet columns and reports are regularly syndicated in many online and print publications, including MSNBC, ZDNet, InfoWorld, and Network Magazine.