JayK
February 23rd, 2004, 09:20 AM
Critical IE bug in the wild!
Microsoft Internet Explorer has been reported prone to an unspecified vulnerability when handling CHM files. The issue is reportedly exploitable to provide for automatic delivery and execution of an arbitrary executable. This would occur when malicious web content is rendered in Internet Explorer.
It has been reported that this vulnerability is actively being exploited as an infection vector for malicious code that has been temporarily dubbed 'Ibiza'.
Microsoft Internet Explorer has been reported prone to an unspecified vulnerability when handling CHM files. The issue is reportedly exploitable to provide for automatic delivery and execution of an arbitrary executable. This would occur when malicious web content is rendered in Internet Explorer.
It has been reported that this vulnerability is actively being exploited as an infection vector for malicious code that has been temporarily dubbed 'Ibiza'.
Workaround:
It may be possible to workaround this issue by renaming the following registry entry, this however has not been confirmed:
HKEY_CLASSES_ROOT\PROTOCOLS\Handler\ms-its
This may not eliminate the vulnerability but using a different name for the handler may mitigate existing exploits.
Disabling the execution of CHM files may help mitigate this issue as well.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.
http://www.securityfocus.com/archive/1/354447/2004-02-19/2004-02-25/0
Microsoft Internet Explorer has been reported prone to an unspecified vulnerability when handling CHM files. The issue is reportedly exploitable to provide for automatic delivery and execution of an arbitrary executable. This would occur when malicious web content is rendered in Internet Explorer.
It has been reported that this vulnerability is actively being exploited as an infection vector for malicious code that has been temporarily dubbed 'Ibiza'.
Microsoft Internet Explorer has been reported prone to an unspecified vulnerability when handling CHM files. The issue is reportedly exploitable to provide for automatic delivery and execution of an arbitrary executable. This would occur when malicious web content is rendered in Internet Explorer.
It has been reported that this vulnerability is actively being exploited as an infection vector for malicious code that has been temporarily dubbed 'Ibiza'.
Workaround:
It may be possible to workaround this issue by renaming the following registry entry, this however has not been confirmed:
HKEY_CLASSES_ROOT\PROTOCOLS\Handler\ms-its
This may not eliminate the vulnerability but using a different name for the handler may mitigate existing exploits.
Disabling the execution of CHM files may help mitigate this issue as well.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.
http://www.securityfocus.com/archive/1/354447/2004-02-19/2004-02-25/0