Holidays bring more security holes in Windows OS

Holidays bring more security holes in Windows OS

It’s holiday time with both Christmas and New Year coming up and well, what we have on our hands is not much of a surprise. With most system administrators and software developers on holidays, three new issues discovered in Microsoft OSs might cause potential damage on venerable systems. What is more concerning is that one of these three issues affect systems already updated with Windows XP Service Pack 2.

The news was made public on several online newsgroups and channels. Norton Antivirus makers Symantec have confirmed these instances.

The first issue is related to how windows handles the way it renders images. It exists in LoadImage, which is used by the Operating System to loads icons, cursors, or bitmaps on the desktop. This function can lead to a potentially harmful malicious code inside an affected element to cause damage to the computer.

Second flaw is related to Windows Kernel ANI File Parsing Crash and DoS Vulnerability. It requires the user to click a link on a webpage or email to load an affected ANI file. This lead to now rather routine DDoS attacks.

Third flaw is more critical as it affects even systems loaded with SP2. It involves the HLP files in windows. This could lead to a system wide open for exploitation. Security firms have suggested that users should avoid opening unknown attachments and try to read mail in text format thus avoiding opening affected images by mistake in mail clients.