has issued a fix for a buffer overflow vulnerability in the Windows 2000 ShellExecute API after a security researcher warned the flaw could trigger denial-of-service attacks
According to SecureNet Service (SNS), which reported the hole, Microsoft included a fix in Windows 2000 Service Pack 4 (Download location here).
It affects Microsoft Windows 2000 Datacenter Server, Windows 2000 Advanced Server, Windows 2000 Server and Windows 2000 Professional. Secunia has tagged a “moderately critical” rating on the vulnerability.
SNS said the problem was triggered when the pointer to an unusually long string was set to the 3rd argument of the Windows 2000 API Shell Execute() API function. The buffer overflow occurs if the string is about 4000 bytes. The Windows API ShellExecute() is a function to run an application associated with a specified file extension.
The research firm said that several applications containing Web browser, MUA and text editor were vulnerable to security hole.