'Extremely critical' IE vulnerability

By Bill Brenner, News Writer 03 Nov 2004 | SearchWindowsSecurity.com

Digg This!     StumbleUpon     Del.icio.us

An unpatched vulnerability in Internet Explorer could be remotely exploited to launch malicious code, Danish security firm Secunia said in an advisory Tuesday.

"The vulnerability is caused due to a boundary error in the handling of certain attributes in the IFRAME html tag," Secunia said. "This can be exploited to cause a buffer overflow via a malicious html document containing overly long strings in the "src" and "name" attributes of the IFRAME tag. Successful exploitation allows execution of arbitrary code."

The company said it has confirmed the vulnerability on fully-patched machines with Internet Explorer 6.0 on Windows XP SP1 and Internet Explorer 6.0 on Windows 2000. The vulnerability does not affect systems running Windows XP with SP2 installed.

Secunia said it has rated the vulnerability "extremely critical" -- its highest risk rating -- because a working exploit has been published on public mailing lists. The company suggested users switch to another product.

The firm credited researcher "ned" with discovering the vulnerability, and credited researcher Berend-Jan Wever with providing additional research.

A Microsoft spokeswoman said Wednesday the company "is investigating new public reports of a possible vulnerability in Internet Explorer. We have not been made aware of any active exploits of the reported vulnerabilities or customer impact at this time, but we are aggressively investigating the public reports. Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a fix through our monthly release process or an out-of-cycle security update, depending on customer needs."

She criticized those who discovered the vulnerability for not disclosing it "responsively."

"As I've mentioned many times in the past, Microsoft is concerned that this new report of a vulnerability in Internet Explorer was not disclosed responsibly, potentially putting computer users at risk," she said. "We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests, by helping to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities with no exposure to malicious attackers while the patch is being developed."

This article originally appeared on SearchSecurity.com.

Tags: Microsoft Internet Explorer (IE),  Network intrusion detection and prevention and malware removal,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Microsoft Internet Explorer (IE) Admins can wear many hats using Netcat Patching third-party browsers adds more work in Windows shops Four Internet Explorer 8 Group Policy security settings Safe enterprise Web browsing: Five tips in five minutes Top client security tips of 2006 General security configuration: Step 1 Protection against international domain names, URL handling: Step 3 ActiveX opt-ins, information bar and cross-domain protection: Step 4 Windows Vista and IE7: Step 5 Phishing filter: Step 2 Network intrusion detection and prevention and malware removal 20 days to a more secure enterprise Improvements to offline file synchronization in Windows 7 Underlying causes of inconsistent patch management Windows security tools for the busy desktop administrator Check IT List: Five steps for rootkit detection Top Windows client security tools for end users Hacking Exposed Windows: Windows security features and tools Tools for virus removal and detection Windows security testing: Five tips for the summer Buffer overflows can be prevented by GS cookies

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary ActiveX  (SearchEnterpriseDesktop.com) ActiveX control  (SearchEnterpriseDesktop.com) Internet Explorer  (SearchEnterpriseDesktop.com) Internet Explorer Administration Kit  (SearchEnterpriseDesktop.com) tabbed browsing  (SearchEnterpriseDesktop.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary