Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Internet Explorer - 2 new critical vulnerabilities


  • Please log in to reply
4 replies to this topic

#1 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:08:38 PM

Posted 09 June 2004 - 04:09 PM

This new bulletin advises to "Disable Active Scripting support for all but trusted web sites"

SA11793: Internet Explorer Local Resource Access and Cross-Zone Scripting Vulnerabilities

http://secunia.com/advisories/11793/

Secunia Advisory: SA11793   
Release Date: 2004-06-08

Critical: Extremely critical

Impact: Security Bypass and System access

Two vulnerabilities have been reported in Internet Explorer, which in combination with other known issues can be exploited by malicious people to compromise a user's system.

1) A variant of the "Location:" local resource access vulnerability can be exploited via a specially crafted URL in the "Location:" HTTP header to open local files.

2) A cross-zone scripting error can be exploited to execute files in the "Local Machine" security zone.

Secunia has confirmed the vulnerabilities in a fully patched system with Internet Explorer 6.0. It has been reported that the preliminary SP2 prevents exploitation by denying access.

Successful exploitation requires that a user can be tricked into following a link or view a malicious HTML document.  The vulnerabilities are actively being exploited in the wild to install adware on users' systems

Solution: Disable Active Scripting support for all but trusted web sites.



BC AdBot (Login to Remove)

 


#2 harrywaldron

harrywaldron

    Security Reporter

  • Topic Starter

  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:08:38 PM

Posted 10 June 2004 - 10:55 AM

IE flaws used to spread pop-up toolbar

http://news.com.com/IE+flaws+used+to+sprea..._3-5229707.html

An adware purveyor has apparently used two previously unknown security flaws in Microsoft's Internet Explorer browser to install a toolbar on victims' computers that triggers pop-up ads, researchers said this week. On Tuesday, security information group Secunia released an advisory about the problem, rating the two flaws "extremely critical."

SA11793: IE Local Resource Access and Cross-Zone Scripting Vulnerabilities
http://secunia.com/advisories/11793/

Microsoft's Toulouse said Internet Explorer users could harden the software against such attacks by following instructions on the company's site. Other browsers available on Windows, such as Opera and Mozilla, do not contain the flaws.

Here are some additional Protective Recommendations from Microsoft:

http://www.microsoft.com/security/incident/settings.mspx

#3 harrywaldron

harrywaldron

    Security Reporter

  • Topic Starter

  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:08:38 PM

Posted 16 June 2004 - 10:23 AM

Another new IE trojan capitalizing on IE vulnerabilities

http://secunia.com/virus_information/10089/ject/

Download.Ject is a Trojan that attempts to download and install a file on a compromised system by exploiting a vulnerability in Internet Explorer. The Trojan is triggered by visiting a web site that contains the exploit code.

#4 I hate spyware!

I hate spyware!

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:08:38 PM

Posted 26 June 2004 - 11:39 AM

Another new IE trojan capitalizing on IE vulnerabilities

http://secunia.com/virus_information/10089/ject/

Download.Ject is a Trojan that attempts to download and install a file on a compromised system by exploiting a vulnerability in Internet Explorer. The Trojan is triggered by visiting a web site that contains the exploit code.

Yeah, its very bad news, i saw i simlar story on BBC NEWS, and it said to find out if you have 'surf.dat' is go in to search and then type it in, but i haven't been infected :thumbsup:

Edited by I hate spyware!, 26 June 2004 - 11:40 AM.


#5 jgweed

jgweed

  • Members
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:07:38 PM

Posted 28 June 2004 - 01:10 AM

Time to Dump Internet Explorer
It's time to tell our users, our clients, our associates, our families, and our friends to abandon Internet Explorer.
By Scott Granneman Jun 17 2004 07:54AM PT

http://www.securityfocus.com/columnists/249

The writer argues that the continual security problems with the ubiquitous IE makes a strong case for switching browsers, and recommends Mozillla's Firefox:

" As people who care about security - and who so often work with people who care nothing about security - it's our responsibility to spread the word about a better Web browser that does not constantly compromise the basic security of our computers and networks."

Regards,
John
Whereof one cannot speak, thereof one should be silent.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users