Internet Explorer - 2 new critical vulnerabilities

Discussion in 'other security issues & news' started by the mul, Jun 10, 2004.

Thread Status:
Not open for further replies.
  1. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,703
    Location:
    scotland
    This new bulletin advises to "Disable Active Scripting support for all but trusted web sites"

    SA11793: Internet Explorer Local Resource Access and Cross-Zone Scripting Vulnerabilities

    http://secunia.com/advisories/11793/


    QUOTE
    Secunia Advisory: SA11793
    Release Date: 2004-06-08

    Critical: Extremely critical

    Impact: Security Bypass and System access

    Two vulnerabilities have been reported in Internet Explorer, which in combination with other known issues can be exploited by malicious people to compromise a user's system.

    1) A variant of the "Location:" local resource access vulnerability can be exploited via a specially crafted URL in the "Location:" HTTP header to open local files.

    2) A cross-zone scripting error can be exploited to execute files in the "Local Machine" security zone.

    Secunia has confirmed the vulnerabilities in a fully patched system with Internet Explorer 6.0. It has been reported that the preliminary SP2 prevents exploitation by denying access.

    Successful exploitation requires that a user can be tricked into following a link or view a malicious HTML document. The vulnerabilities are actively being exploited in the wild to install adware on users' systems

    Solution: Disable Active Scripting support for all but trusted web sites.


    The Mul
     
  2. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    Absolutely horrible, critical vulnerabilities again. When will all these critical vulnerabilities stop?
     
  3. sig

    sig Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    716
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,803
    Location:
    Texas

    In my mind, I think Microsoft wanted people to have fun on the Web with all the scripting, etc, built in to IE. Too bad the dark side wants to take advantage.

    The hijack forum is full of unsuspecting people.

    I'm sticking with Firefox. :(
     
  5. sig

    sig Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    716
    I just happen to be running Opera lately myself. ;) I lke the new version. I also like Firefox and IE. Although I'm not one of the MS bashers, I recently mentioned to someone else here that even when up to date with MS patches there are still unpatched known vulnerabilities in IE. And of course there are potential unknown vulnerablities such as this apparently was until now when an exploit is ITW.
     
  6. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,803
    Location:
    Texas

    I can't bash Microsoft. They have provided me with many hours of fun and learning. (excluding DOS, of course :D )
     
  7. JacK

    JacK Registered Member

    Joined:
    Jun 20, 2002
    Posts:
    737
    Location:
    Belgium -Li?ge
    Hello,

    The first one AdobeB.stream is know for months.

    A simple work around is to set a kill bit on CLSID {00000566-0000-0010-8000-00AA006D2EA4} , easily done with SpywareBlaster or directly with REGEDIT :
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000566-0000-0010-8000-00AA006D2EA4}]
    "Compatibility Flags"=dword:00000400 (hex)

    No need either to disable Active Scripting in security zone Internet : just set the same parameters for the Intranet local zone as for the sensible sites zone.

    Regards,

    Jack

    Back after a long time
     
  8. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,703
    Location:
    scotland
    IE flaws used to spread pop-up toolbar

    http://news.com.com/IE flaws used to sprea..._3-5229707.html

    An adware purveyor has apparently used two previously unknown security flaws in Microsoft's Internet Explorer browser to install a toolbar on victims' computers that triggers pop-up ads, researchers said this week. On Tuesday, security information group Secunia released an advisory about the problem, rating the two flaws "extremely critical."

    SA11793: IE Local Resource Access and Cross-Zone Scripting Vulnerabilities
    http://secunia.com/advisories/11793/

    Microsoft's Toulouse said Internet Explorer users could harden the software against such attacks by following instructions on the company's site. Other browsers available on Windows, such as Opera and Mozilla, do not contain the flaws.

    Here are some additional Protective Recommendations from Microsoft:

    http://www.microsoft.com/security/incident/settings.mspx

    Another new IE trojan capitalizing on IE vulnerabilities

    http://secunia.com/virus_information/10089/ject/

    Download.Ject is a Trojan that attempts to download and install a file on a compromised system by exploiting a vulnerability in Internet Explorer. The Trojan is triggered by visiting a web site that contains the exploit code.


    The Mul
     
Loading...
Thread Status:
Not open for further replies.