Microsoft probes Windows DoS flaw

Newly discovered vulnerability could cause certain Windows applications to crash if a user clicks on an overly long Web link.

Microsoft is looking into a report of a Windows flaw that could cause certain applications to crash, the software maker said Thursday.

The potential flaw affects Windows XP and Windows Server 2003, Microsoft said in a statement. The bug could cause certain applications, including Internet Explorer, to crash after a user is tricked to click on an overly long Web link, security monitoring company Secunia said in an alert.

The flaw might also allow malicious code to run on a vulnerable system, Secunia said. However, that has not been proven, so the issue is so far deemed to be a denial of service, or DoS, problem only, Secunia said. The company deems the issue "less critical," one notch above its lowest possible rating.

Microsoft is investigating the issue, a company representative said in an e-mailed statement. The software maker is not aware of any attacks that attempt to use the flaw, the representative said. Once the investigation is complete, Microsoft may issue a security advisory of a patch, it said.

The Windows issue is one of several reported security issues awaiting a response from Microsoft. One issue the Redmond, Wash., company has said it will address with a security update later this month is a flaw in Word. That flaw has already been exploited in at least one targeted cyberattack.

Featured Video

Walmart's five buck LED is one of the brightest we've tested

For basic lighting needs, this bulb looks like a solid pick, but its dimming performance leaves a lot to be desired.

by Ry Crist