Continued tests by BetaNews on the form of the Win32 API message box call discovered two weeks ago, capable of crashing Microsoft Windows Vista as well as earlier versions, indicates that while the executable code remains a problem, its capacity for damage to Windows computers may be limited to merely crashing the system.

Last month, security engineers discovered the latest incarnation of a problem first encountered eight years ago: When an API function dating back to the first version of the Win32 library tells the system to display a dialog box as though it were coming from the OS itself and not the active application, and when the text to be displayed in that message box appears to contain what may be a disused character code sequence, then memory becomes corrupted. At least one, sometimes more, repeated calls can cause Windows to crash.

BetaNews