Microsoft Security Advisory (943521)

ronjor · Oct 25, 2007

URL Handling Vulnerability in Windows XP and Windows Server 2003 with Windows Internet Explorer 7 Could Allow Remote Code Execution

Microsoft is investigating public reports of a remote code execution vulnerability in supported editions of Windows XP and Windows Server 2003 with Windows Internet Explorer 7 installed. Microsoft is aware of proof of concept code that has been posted publicly and is continuing to investigate public reports. We are also aware of attacks that try to use the reported vulnerability.

This vulnerability does not affect Windows Vista or any supported editions of Windows where Internet Explorer 7 is not installed.
Click to expand...

Microsoft

lucas1985 · Oct 26, 2007

It seems that the implementations of URI are too buggy
New flaws involving URI handling are discovered on a daily basis (Adobe Reader, Firefox, Quick Time, etc)
One more reason to disable/whitelist the use of browser plug-ins.

Rasheed187 · Oct 27, 2007

Yes, but when it comes to remote code execution exploits, a HIPS will probably block them. I did however see a demo that could kill the Skype tool just by clicking a link, and termination protection won´t help. But I assume that security tools don´t have any URI commands that can shut them down.

lucas1985 · Oct 27, 2007

Yes, HIPS do protect against remote code execution, but this is a big hole in Windows.

Log in or Sign up

Microsoft Security Advisory (943521)

ronjor Global Moderator

lucas1985 Retired Moderator

Rasheed187 Registered Member

lucas1985 Retired Moderator

Log in or Sign up

Microsoft Security Advisory (943521)

ronjor Global Moderator

lucas1985 Retired Moderator

Rasheed187 Registered Member

lucas1985 Retired Moderator

Useful Searches