Microsoft Windows Could Allow Remote Code Execution Vulnerabilities

1. WinVerifyTrust Signature Validation Vulnerability

A remote code execution vulnerability exists in the Windows Authenticode Signature Verification function used for portable executable (PE) and cabinet file formats. An anonymous attacker could exploit the vulnerability by modifying an existing signed executable file to manipulate unverified portions of the signature and file in such a way as to add malicious code to the file without invalidating the signature. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

2. Cabview Corruption Validation Vulnerability

A remote code execution vulnerability exists in the Windows Authenticode Signature verification for cabinet (.cab) file formats. An anonymous attacker could exploit the vulnerability by modifying an existing signed cabinet file to point the unverified portions of the signature to malicious code, and then convincing a user to open or view the specially crafted cabinet file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.