Bugs & Fixes: New Windows Holes, Dangerous Music

Prevent hackers from using music files to take charge of your machine.

Stuart J. Johnston is a contributing editor for PC World.


illustration by Asaf Hunuka
Ever visited a Web site that suddenly started playing music through your computer speakers? It may be annoying, but you can always turn down the volume. And it's harmless, right? Maybe not.

Researchers at EEye Digital Security recently discovered two big holes in Windows' music playback technology. The flaws, which Microsoft rates as "critical," could allow a hacker's code to run amok on your PC by exploiting a contaminated music file. The hacker could then take over your PC and do something nasty, like delete your files.

The problems lie in the way that Windows plays back a common type of music file called a MIDI (Musical Instrument Digital Interface) file. Unlike an audio file, a MIDI file contains a string of code that tells a synthesizer (such as the ones in most PCs) how to play a piece of music.

Microsoft's DirectX technology, which handles playback for audio and video in Internet Explorer and in Windows Media Player, also plays MIDI files. Microsoft realized that it had left two unchecked buffers in versions of DirectX from Windows XP all the way back to Windows 98. This weakness could let a miscreant send a malformed MIDI file containing too much data to one of the buffers. And for that to happen, you just have to visit a booby-trapped Web site or open (or preview) an HTML e-mail message with an embedded link. This triggers the infected MIDI file to download to your PC. When the buffer overflows, DirectX malfunctions and the hacker's code starts to execute.

Take care of the hole by grabbing the latest version of DirectX, 9.0b. Head to the Microsoft bulletin, "Unchecked Buffer in DirectX Could Enable System Compromise," for more details and a link to the patch, and go to eeye.com for EEye's bulletin.
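An added example, not code from this column, Microsoft, or EEye: the kind of length check an "unchecked buffer" lacks, applied to the chunk layout of a Standard MIDI File. It does not reproduce the DirectX flaw itself; the function name, result codes, and sample bytes are hypothetical and constructed for illustration, and requiring a 6-byte header body is a strictness choice of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical result codes for this example. */
enum { SMF_OK = 0, SMF_TRUNCATED = -1, SMF_BAD_HEADER = -2,
       SMF_BAD_LENGTH = -3, SMF_TRACK_COUNT = -4 };

/* Constructed sample: header chunk plus one 4-byte track (end-of-track event). */
static const uint8_t GOOD_SMF[] = {
    'M','T','h','d', 0,0,0,6, 0,0, 0,1, 0,0x60,
    'M','T','r','k', 0,0,0,4, 0x00,0xFF,0x2F,0x00 };
/* Constructed sample: same file, but the track claims 65535 bytes of data. */
static const uint8_t BAD_SMF[] = {
    'M','T','h','d', 0,0,0,6, 0,0, 0,1, 0,0x60,
    'M','T','r','k', 0,0,0xFF,0xFF, 0x00,0xFF,0x2F,0x00 };

/* Read a 32-bit big-endian integer, the byte order SMF uses for chunk lengths. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Walk every chunk and reject any declared length that exceeds the bytes present. */
int smf_check(const uint8_t *buf, size_t len) {
    if (len < 14) return SMF_TRUNCATED;          /* 8-byte chunk header + 6-byte MThd body */
    if (memcmp(buf, "MThd", 4) != 0 || be32(buf + 4) != 6)
        return SMF_BAD_HEADER;                   /* strict: header body must be 6 bytes */
    unsigned declared = ((unsigned)buf[10] << 8) | buf[11];  /* track count field */
    unsigned seen = 0;
    size_t off = 14;
    while (off < len) {
        if (len - off < 8) return SMF_TRUNCATED; /* no room for a chunk header */
        uint32_t clen = be32(buf + off + 4);
        /* Compare against what remains; never compute off + clen before checking. */
        if (clen > len - off - 8) return SMF_BAD_LENGTH;
        if (memcmp(buf + off, "MTrk", 4) == 0) seen++;
        off += 8 + (size_t)clen;
    }
    return seen == declared ? SMF_OK : SMF_TRACK_COUNT;
}

int main(void) {
    printf("good file: %d\n", smf_check(GOOD_SMF, sizeof GOOD_SMF));
    printf("bad file:  %d\n", smf_check(BAD_SMF, sizeof BAD_SMF));
    return 0;
}
```

A player that trusts the declared length and copies that many bytes into a fixed buffer is the failure mode; the check above refuses the file before any copy takes place.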

Blaster Trouble

By now you've probably heard a lot about the Blaster worm. Also known as the Lovsan or DCOM worm, this self-propagating infiltrator exploited a flaw involving a part of Windows called the Distributed Component Object Model, and how it listens for Internet traffic. Infected Windows 2000 and XP systems could allow a bad guy to unleash random code or to launch denial-of-service attacks.

Microsoft had already plugged the hole before Blaster started spreading, but many users didn't get the chance to update at the time (grab a link to the fix for your Windows version at the bulletin, "Buffer Overrun In RPC Interface Could Allow Code Execution"). Even if you took care of the problem by downloading the latest virus definitions or using a removal tool (go to W32.Blaster.Worm Removal Tool for Symantec's tool), you'll still need Microsoft's patch.

Dell Pulls Patch for Handhelds

Shortly after Dell released a performance fix for its Axim X5 handheld units, the company took the patch down from its Web site. The fix was intended for Pocket PC handhelds running Windows Mobile 2003 that were sold between June 23 and July 16, 2003. Dell received reports, however, that some users who didn't have the required license had found a way to grab the patch and use it to upgrade older Pocket PC operating systems (head to "Dell Delays Patch for Axim PDAs," a related PCWorld.com news story).

At press time, Dell said that it had begun mailing out CDs with the fix to all customers affected by the performance issue.

In Brief

PowerQuest and Symantec Clash

Some PowerQuest products do not get along with Symantec's GoBack. Drive Image, PartitionMagic, and DriveCopy refuse to operate while GoBack is active. This conflict is not a bug, but to work around the snag, you have to disable GoBack. See "Disabling GoBack in Order to Use PowerQuest Products" for PowerQuest's instructions and "How to use partitioning programs with GoBack installed" for Symantec's advice.

VAIO Modem Repair

Sony is fixing modems in some PCG-FRV25 and PCG-FRV27 VAIO laptops because of grounding problems. Call Sony at 800/880-9743 or visit Sony Online Support to learn whether your unit needs repair.

Bugged?

Found a hardware or software bug? Tell us about it via e-mail at bugs@pcworld.com.


©2009 About.com, a part of The New York Times Company.

All rights reserved.