Today I’d like to share another “funny BUG” (yep, believe me this is quite funny) through this summer time quick’n dirty post. The involved hunter is Nuzhny (no contacts provided to me, more infos here) who disclosed a Stack Overflow in Windows Calculator last week. You would think: “A BOF in Windows Calc.exe ? You’re kidding me… One of the oldest executable on the Earth is still hiding BUGS on it ?”. The sad answers is: “yes”, windows CALC still has undisclosed BUGs at least on the following machine (in where I was able to test it).
Machine Settings: Windows 7 Ultimate SP1 x86-64, English.
Trigger the bug:
Start |-> run Calc.exe
Press “Alt-2” to go to tjhe “Scientific” calculator mode (“Programmer mode” should also work)
The exception is unhandled at address: 0xC00000FD.
Crash after F-E representation needed.
Debugger on BUG
I’m not sure on how this bug could be exploited in the real life – right now -, maybe it wouldn’t become a vulnerability at all but what it’s important to all this “story” is that no safe software in a real world exist. Even wincalc.exe, one of the most simple and most tested software of the entire software history might hide bugs and vulnerabilities. Are you still wondering why a “security source code review” is essential out there ?