HIPAA Blog

[ Thursday, June 09, 2005 ]

 

More on WinZip: Here's more on potential trouble with WinZip. I gotta be honest, I just don't know what the hell that means. But it does get worse: I really don't know what this means.

Jeff [11:30 AM]

Comments:
A buffer overflow attack usually exploits poorly written code, the stuff the program or OS is written in. The buffer is the amount of memory set aside to operate that particular piece of code; if it is not large enough the overflow opens the system to attack by allowing a malicious user to deliberately input more than the buffer allows, and thereby gain access to the users system.
In a ubiquitous program like WinZip this is a major issue, since most of us have it living right there on our desktop.
 
Thanks, Michael. Damn, I still don't know what that means.
 
Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template