Windows XP Unchecked Buffer in File Decompression Functions Vulnerability Patch

Name: Windows XP Unchecked Buffer in File Decompression Functions Vulnerability Patch
Rating: 3.7 (3 reviews)
Author: Microsoft

Download now

Used Windows XP Unchecked Buffer in File Decompression Functions Vulnerability Patch for Windows? Share your experience and help other users.

Developer’s Description

By Microsoft

Resolve the "Unchecked Buffer in File Decompression Functions" security vulnerability in Windows XP to prevent a specially malformed file from causing unauthorized code to run on your computer.

This patch addresses two vulnerabilities. An unchecked buffer exists in the program that handles the decompressing of files from a zipped file. When this program tries to open a file that has a specially malformed file name that is contained in a zipped file, Windows Explorer may fail, or an attacker may be able to run any code. This behavior creates a security vulnerability.

The second vulnerability is that the decompression function may put a file in a folder that is different from, or that is a child of, the target folder that is specified by the user as the location where the decompressed ZIP files are put. This behavior may allow an attacker to put a file in a known location on the user's computer; for example, an attacker may put a program in a Startup folder.