Warning: New Microsoft Windows Remote Code Execution Vulnerability

The world of computer security vulnerabilities has gone completely mad I tell you. More and more vulnerabilities are appearing at an alarming rate. Just when a patch or update is released, a vulnerability comes along and takes its place. The world of vulnerabilities seems to be a vicious never ending cycle at this current point in time. A new vulnerability has unveiled itself, and this time it's a remote code execution vulnerability in none other than Microsoft Windows.

This particular vulnerability was discovered in the wild and affects many versions of Microsoft Windows. It also affects versions of the Windows servers. Some of the files of Windows server 2003 may include but are not by any means limited to the following:a302.sys, b5820w2k.sys, backsnap.dll, CasPol.exe, certobj.dll as well as ctrl_.js.

Table 1. Some versions of Microsoft Windows which may be vulnerable

This vulnerability relates to a remote code execution vulnerability that has a direct tendency to affect the TV Tuner library. This vulnerability runs the risk of a malicious attackers being able to exploit it by convincing a specific users to go to websites which have been tampered with. If this vulnerability is exploited with a vast degree of success, then this may allow malicious characters to execute arbitrary code, with regard to the user which is logged in at that specific point in time.

There is exploit code available for this vulnerability but users need to be aware that the exploit code is not fully functional, at this point in time. This is due to the factor that the file which is needed to trigger this vulnerability is not supplied. There is no solution to this vulnerability at present, but hopefully there shall be one available in the not too distant future.