COMMAND

    HyperTerminal

SYSTEMS AFFECTED

    Win2000 (all versions), Me, 98 and 98SE

PROBLEM

    The USSR Team has found a buffer overflow in the HyperTerminal
    telnet client, in the code that processes Telnet URLs, that can
    enable an attacker to execute arbitrary code on another user's
    system.  If a user opens a mail that contains HTML and a
    malformed Telnet URL, a buffer overrun will enable the creator
    of the mail to cause arbitrary code to be run on the user's
    system.

    Example:

        telnet://aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa:aaaa/

    A second buffer overrun resides in a section of the code that
    processes session files - files that enable HyperTerminal users
    to specify session parameters such as the connection method and
    the destination host.  If a user opened a session file that
    contained a particular type of malformed information, it would
    trigger the buffer overrun.
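
    Added example (not code from this advisory, from Microsoft or
    from HyperTerminal): a bounded parser for telnet://host:port/
    URLs that checks the host length before any copy, so an overlong
    host like the one in the Example above is rejected instead of
    overrunning a fixed buffer.  The function name, the 253-byte host
    limit and the default port 23 are assumptions.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define HOST_MAX 253  /* assumption: DNS name limit, not HyperTerminal's buffer size */

/* Parse "telnet://host[:port][/]" into caller-supplied storage.
 * Returns 0 on success, -1 if the URL is malformed or the host does
 * not fit. host is only written after every check has passed. */
int parse_telnet_url(const char *url, char *host, size_t host_sz, unsigned *port)
{
    static const char scheme[] = "telnet://";
    const char *p, *end;
    size_t n;

    if (!url || !host || !port || host_sz == 0)
        return -1;
    if (strncmp(url, scheme, sizeof scheme - 1) != 0)
        return -1;
    p = url + sizeof scheme - 1;

    /* The host ends at the first ':' or '/', or at end of string. */
    n = strcspn(p, ":/");
    if (n == 0 || n > HOST_MAX || n >= host_sz)
        return -1;                  /* length is checked before any copy */
    end = p + n;

    *port = 23;                     /* telnet default when no port is given */
    if (*end == ':') {
        char *stop;
        unsigned long v;
        if (end[1] < '0' || end[1] > '9')
            return -1;              /* port must start with a digit */
        v = strtoul(end + 1, &stop, 10);
        if (v == 0 || v > 65535 || (*stop != '\0' && *stop != '/'))
            return -1;
        *port = (unsigned)v;
        end = stop;
    }
    if (*end == '/')
        end++;
    if (*end != '\0')
        return -1;                  /* nothing may follow the optional '/' */

    memcpy(host, p, n);             /* n < host_sz, so the terminator fits */
    host[n] = '\0';
    return 0;
}
```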

SOLUTION

    Microsoft re-released the original bulletin in May 2001 to inform
    customers of the availability of an updated set of patches that
    address both the original and a second vulnerability identified
    in HyperTerminal.  The second issue is discussed in the PROBLEM
    section above.

    A patch is available to fix this vulnerability.  Please read the
    Security Bulletin:

        http://www.microsoft.com/technet/security/bulletin/ms00-079.asp

    for information on obtaining this patch.