This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects an attempt to exploit a buffer overflow vulnerability in Microsoft HTML Help Workshop which may result in remote code execution.
Microsoft HTML Help Workshop is part of Microsoft Office Resource Kit and is used to create help topics that may be integrated with the Office Help system.
Microsoft HTML Help Workshop is reportedly prone to a remote buffer-overflow vulnerability. This issue arises because the application fails to perform boundary checks before copying user-supplied data into sensitive process buffers.
The vulnerability presents itself when the application handles an HTML Help Workshop Project ('.hhp') file containing excessive data as part of the 'Contents file' field. This can result in memory corruption and lead to arbitrary code execution in the context of the vulnerable user.
A successful attack may facilitate remote unauthorized access.
This vulnerability is reported to affect HTML Help Workshop 4.74.8702.0.
- Microsoft HTML Help Workshop 4.74.8702
Download and install all vendor patches related to this vulnerability.