contents

software
 
Microsoft Internet Explorer Security Hole

A serious flaw in Microsoft Internet Explorer allows attackers to hijack a PC via the popular browser. Security firm Sunbelt Software said the vulnerability was being actively exploited on some porn websites. A properly crafted webpage can exploit this problem and install almost anything they want on the target machine. Tests by Sunbelt Software on a Windows machine patched with all the latest security updates showed attackers installing a huge amount of spyware and other malicious programs. Any Windows PC suffering such an infection would become unusable.

The vulnerability can be triggered when IE or Outlook 2003 processes web-based graphics code written in Vector Markup Language. The researchers have discovered a way to execute malicious code without using scripting code, which would normally be blocked by Outlook. By embedding a machine-language 'shellcode' program in the VML tags, researchers have been able to run unauthorised software on systems running the latest version of Outlook 2003.

Researchers at VeriSign's iDefense unit have also confirmed that some configurations of Outlook will launch the code with no user action. Users who have Outlook's Reading Pane enabled to read messages in HTML are particularly vulnerable to this attack.

Microsoft has confirmed public reports of vulnerability in the Microsoft Windows implementation of Vector Markup Language. A security update to address this vulnerability is now being finalized through testing to ensure quality and application compatibility Microsoft's goal is to release the update on Tuesday, October 10, 2006, or sooner depending on customer needs.

In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or instant messenger message that takes users to the attacker's Web site. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user.

Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. In an e-mail based attack of this exploit, customers who read e-mail in plain text are at less risk from this vulnerability. Instead users would have to either click on a link that would take them to a malicious Web site or open an attachment to be at risk from this vulnerability. In an e-mail based attack of this exploit, users who read e-mail using Outlook Express on Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, are at less risk from this vulnerability because Binary and Script Behaviors is disabled by default in the Restricted sites zone.



write your comments about the article :: © 2006 Computing News :: home page