New hole in Windows discovered 17 years after it appeared
Posted on January 21st, 2010 at 10:11
Man, this has been one helluva week for 0day exploits.
Tavis Ormandy at Google reports that there’s a hole in the way Windows NT and later handle functions that were designed to support 16-bit applications.
All 32bit x86 versions of Windows NT released since 27-Jul-1993 are believed to be affected, including but not limited to… Windows 2000, XP, Server 2003, Vista, Server 2008 and Windows 7.
Tavis goes on to say:
Microsoft was informed about this vulnerability on 12-Jun-2009, and they confirmed receipt of my report on 22-Jun-2009. Regrettably, no official patch is currently available. As an effective and easy to deploy workaround is available, I have concluded that it is in the best interest of users to go ahead with the publication of this document without an official patch. It should be noted that very few users rely on NT security, the primary audience of this advisory is expected to be domain administrators and security professionals.
Seven months without a resolution, and he’s gone public. Hard to blame him.
Yesterday, Microsoft released Security Advisory 979682, acknowledging the hole.


