Microsoft Research Team Reports Bugs in Facebook, Google Picasa

Microsoft’s Vulnerability Research team is keeping itself busy finding bugs in other vendors’ products, with the two latest being a vulnerability in Google’s Picasa photo editing and sharing application and a bug in Facebook that could lead to the compromise of a victim’s account.

Google Picasa Heap Overflow Hole Closed

Secunia reports a hole in Google’s Picasa image management and editing software that allows attackers to compromise Windows using specially crafted JPEG images to provoke an integer overflow in the PicasaPhotoViewer.exe file, which can then be exploited to cause a heap overflow. Google closed the hole in the recently released Picasa 3.6 build
105.41, although Google’s release notes say nothing about a fix. Read the full article. [The H Security]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.