Microsoft Windows “itss.dll” Heap Corruption Vulnerability

Yes, it’s another vulnerability in Microsoft Windows, this one tagged as “less critical” by Secunia. It concerns “.chm” files:


The vulnerability is caused due to a boundary error in the Infotech Storage System Library (itss.dll) when reading a “.CHM” file. This can be exploited to cause heap corruption and may allow arbitrary code execution via a specially crafted “.CHM” file.


Successful exploitation requires that the user is e.g. tricked into opening or decompiling a malicious “.CHM” file using “hh.exe”.


According to the discoverer,


“Microsoft plans to address this issue in the next Service Pack. Due to this fact, users of certain Windows versions should implement their own protection mechanism.”


Users are therefore advised never to open or decompile untrusted “.chm” files. Note that executing a “.chm” file is the same as executing an “.exe” file.


“Microsoft rates the CHM file format as potentially dangerous, similar to an executable file.”

