General News

- This is a renewed up; former articles are accessible through 'Papers' section.
- To all of the former 41 RSS subscribers: Please subscribe through the new link again.
First Remote Code Execution Vulnerability Affecting Microsoft Notepad
Written by Eduardo Prado (edu)   
Saturday, 06 March 2010 00:00

We are going to show you a little creativity; the process of triggering the first remote code execution vulnerability that affects Microsoft Notepad via innocent TXT documents. You've heard so many times people saying "Notepad is too simple. It is impossible to find a code execution bug." Well impossible is simply what has not yet been accomplished.This issue was successfully tested on the following operating systems:

-Windows 2000 Professional SP4

-Windows XP SP3

-Windows 2003 Server SP2

The research paper can be read here . The demonstration for this vulnerability can be downloaded here.

 

Comments  

 
0 #1 Saleh 2011-09-02 17:24
hello
im so glad to see secumania back again
( after a year and i am commenting now ! :D )
Quote
 

Add comment


Security code
Refresh