I must admit this happened much quicker than I thought it would: see these articles on the Register and Security Tracker – apparently an exploit for a buffer overrun problem in IE *5* has already been released – supposedly discovered by reading the leaked Windows source code.
I’m curious as to whether this source code leak will be a “good thing” for Windows in the long run, or will end up highlighting so many possible areas for exploits in Windows that MS gets an impossibly hard time…
2 replies on “Windows IE exploit found after source code leak”
Unfortunately, I think the Register is attempting to create a scare where none exists. The two events are unrelated. The flaw was exploited by reverse engineering the ASN.1 patch (http://www.patchdayreview.com/posts/MS04-007.aspx) that was issued last week, not by reviewing the leaked source code to Windows.
Hmm. Unless I’m misinterpreting the article, doesn’t it talk about two exploits – one related to the source code leak exploiting a buffer overrun problem in the way IE 5 handled bitmaps, and the other – a program that exploits the ASN problem?
Plus, the Security Tracker website talks about the flaw supposedly being found in "win2k/private/inet/mshtml/src/site/download/imgbmp.cxx" – e.g. a specific file in the source tree?