Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Microsoft Internet Explorer "createtextrange()" Code Execution


  • Please log in to reply
4 replies to this topic

#1 Daisuke

Daisuke

    Cleaner on Duty


  • Members
  • 5,575 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Romania
  • Local time:02:33 PM

Posted 23 March 2006 - 04:04 PM

As expected a new exploit + variants are on the loose.

Affected software: Internet Explorer 6

Solution: use another browser and disable Active Scripting in Internet Explorer.

Help here: Disabling Active Scripting in Internet Explorer
and here: How to Disable Active Content in Internet Explorer

MS will release a patch probably in April.

Details:
Microsoft Internet Explorer "createTextRange()" Code Execution
IE exploit on the loose, going to yellow
Secunia advisory

There are 2 more vulnerabilities in MSIE disclosed this month waiting for a patch. Take care.
Everyday is virus day. Do you know where your recovery CDs are ?
Did you create them yet ?

Posted Image

BC AdBot (Login to Remove)

 


#2 Daisuke

Daisuke

    Cleaner on Duty

  • Topic Starter

  • Members
  • 5,575 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Romania
  • Local time:02:33 PM

Posted 24 March 2006 - 01:50 AM

Microsoft Security Advisory (917077)
Vulnerability in the way HTML Objects Handle Unexpected Method Calls Could Allow Remote Code Execution

Workaround

Configure Internet Explorer to prompt before running Active Scripting or disable Active Scripting in the Internet and Local intranet security zone.

Set Internet and Local intranet security zone settings to “High” to prompt before Active Scripting in these zones.

Restrict Web sites to only your trusted Web sites.


Everyday is virus day. Do you know where your recovery CDs are ?
Did you create them yet ?

Posted Image

#3 Security Geek

Security Geek

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:02:33 PM

Posted 26 March 2006 - 09:42 PM

SANS is reporting that this vulneraibility is now being exploited through eMail messages. They advise people to turn off IE Active Scripting or use Firefox (making sure it is the default browser). I would like to add that you should avoid opening any attachment with .HTA, HTM, or HTML extensions until this threat has passed. As always keep your virus signatures as up to date as possible.

Microsoft says they may release a fix for this "out of cycle" (early). They also advise people to visit their Safety.Live.Com website to "scan your machine and remove current attacks using this vulnerability"

I'm posting regular updates on this threat at the NIST.org site linked below. As always please return here to post any comments or questions.

#4 Security Geek

Security Geek

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:02:33 PM

Posted 27 March 2006 - 11:25 PM

Latest Updates:
  • Free fix being offered by the security software company eEye.
  • Exploit now being used to install Spyware
  • SANS is reporting that this vulnerability is being exploited via eMail messages
  • Websense is reporting over 200 websites hosting expoited pages
See NIST.org article 2006-102 for details. Please return here to post comments.

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,479 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:33 PM

Posted 06 April 2006 - 03:47 PM

On 11 April 2006 Microsoft is planning to release:

• Four Microsoft Security Bulletins affecting Microsoft Windows. One of the updates will be a cumulative Internet Explorer update that addresses the publicly known "CreateTextRange" vulnerability.

See Microsoft Security Bulletin Advance Notification
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users