More Windows Security Holes

More security holes found in Microsoft Windows.    What a useless operating system...

One of the three security vulnerabilities involves image handling—a source of recent exploits on Windows and Unix (news - web sites)
operating systems. The other two risks are found in the Help system and
in Window's ANI (Automatic Number Identification) authentication.

 

Symantec said the Microsoft Windows LoadImage API Function
Integer Overflow Vulnerability could be exploited via browsers or
e-mail client software. Users who open an HTML message or Web page
bearing the image could face security risks.

 

Another vulnerability that could only
require users to click on a site or message is called the Windows
Kernel ANI File Parsing Crash and DoS Vulnerability. Its vector, a
malicious ANI file, could invoke a DoS (denial of service) attack that
could bring down unprotected systems.

[Article]