Bugtraq,

I've been following this posting on the exploitation of the Win32 API with interest. I think that Chris was correct in saying the following from his original posting:

> 5) This is not a bug. This is a new class of vulnerabilities, like a buffer overflow attack or a format string attack. As such, there is no specific vendor to inform, since it affects every software maker who writes products for the Windows platform. A co-ordinated release with every software vendor on the planet is impossible.

I think the point has been made that there are ways to fix this problem, but the point is, this is a very real way of exploiting poorly written applications. It's no different than exploiting, as he said, a buffer overflow or format strings, vulnerabilities of which abound throughout the Internet. Though there may be a way to prevent these vulnerabilities, the same could be said for, say, a buffer overflow, and yet they're found all over the place.

I think Chris has a valid point in bringing this forward, and it's something that every Win32 programmer should take into account while trying to write secure applications. This is a topic that needed to be addressed.

-Bryan

P.S. I think it'd be interesting to see how many (if any) Microsoft programs are affected by this type of vulnerability, even though they "have known about these vulnerabilities for some time".