Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Microsoft Plugs IE; Warns All Browsers At Risk (Test Your Browser Here)
TechWeb ^ | July 2, 2004 | Gregg Keizer

Posted on 07/03/2004 9:46:15 PM PDT by Eagle9

As if to prove the point that security is like the Dutch boy at the dike, Microsoft on Friday released a stop-gap fix for one of several vulnerabilities that have plagued its Internet Explorer just as a security firm warned that virtually every browser -- not just IE -- can be spoofed by hackers.

The update, which Microsoft tagged as “Critical,” isn't a patch per se, but rather an change to Windows that disables the ADODB.Stream object within the operating system's Data Access Components (DAC).

Last week, an innovative attack launched by a Russian hacker group from previously-infected Microsoft Internet Information Services (IIS) servers compromised a large number of PCs with identity- and financial information-thieving Trojan horses and key loggers. The attack exploited a pair of vulnerabilities in Internet Explorer, one of which -- ADODB -- had not been patched by Microsoft.

While the Russian Web site that hosted the malicious code -- which was surreptitiously downloaded to the compromised computers -- was taken down last Friday to remove the immediate danger, Microsoft has still not released a patch. The ADODB disabler is meant only as a temporary fix, said Microsoft, until it can permanently fix IE.

“In addition to this configuration change, Microsoft is working to provide a series of security updates to Internet Explorer in coming weeks that will provide additional protections,” said Microsoft in a statement. Microsoft did not offer up a timeline for any future IE patches, saying only that “a comprehensive update will be released once it has been thoroughly tested.”

The update to disable ADODB should be downloaded and installed by all users of Windows NT, Windows 2000, Windows XP, and Windows Server 2003, Microsoft said. It's available on the Windows Download site, or via the Windows Update

service. Windows XP Service Pack 2 (SP2), which is expected to release in final form this summer, is not susceptible to the ADODB vulnerability.

Friday's update is one of the few pieces of good news IE users have heard in the last week.

After a rash of exploits against IE vulnerabilities -- including the Web attack of last week, password-stealing Trojans, and a new way for hackers to spoof, or fake, Web sites -- some security analysts questioned whether Internet Explorer was safe enough to use.

Even the U.S. Computer Emergency Response Team (US-CERT), part of the federal government's Department of Homeland Security, recommended that users consider ditching IE for an alternate such as Mozilla or Opera.

“We're recommending one of two things,” said Thomas Kristensen, the chief technology officer at Danish security firm Secunia. “Either use Internet Explorer under very restricted security settings -- which may not be possible for all companies -- or install a different browser.”

Wednesday, Secunia issued a warning saying it had discovered a vulnerability within IE that allowed scammers to spoof, or fake, the content of a site displayed in the browser.

On Friday, however, the security vendor modified the alert to claim that virtually every browser, from Internet Explorer and Mozilla to Opera and Netscape -- including browsers for both Windows and the Mac OS -- has this flaw.

“It's not a code vulnerability,” said Secunia's Kristensen, “but a design flaw.”

The problem stems from how browsers handle frames. “Some time ago, browser designers decided that one site needed to be able to manipulate the content of another, and the functionality was adopted by everyone,” said Kristensen. But hackers can use this to inject phony content -- say their own credit card-stealing form -- into a frame of an actual trusted Web site, such as a user's online bank.

“In these times of phishing attacks and other scams, this is a problem,” said Kristensen. “You're visiting a bank or an e-commerce site, and you're certain of that site, but meanwhile, it's [actually] open in the background to content change by hackers.”

Internet Explorer users can stymie such spoofing attacks by disabling the “Navigate sub-frames across different domains” setting under Tools/Internet Options/Security.

Secunia offered up a quick test that users can run to see if their current browser is vulnerable to this problem.


TOPICS: Business/Economy; Front Page News; Technical
KEYWORDS: browser; getamac; ie; internetexploiter; lowqualitycrap; microsoft; patch; security; securityflaw; technology; vulnerability; vulnerable; windows
Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-80 ... 201-207 next last
To: general_re

That did the trick...........Thanks again !!

Stay safe !!


41 posted on 07/03/2004 11:19:10 PM PDT by Squantos (Be polite. Be professional. But, have a plan to kill everyone you meet.)
[ Post Reply | Private Reply | To 37 | View Replies]

To: Swordmaker
That's kind of a goofy "solution", at least for IE users - you can simply prevent the browser from loading frames from different domains, as per my post #37. Which seems to me to be an better workaround, insofar as it doesn't rely on eternal vigilance on the part of the user about which windows are open and where they're from.

Anyway, what do I care - I use Firefox ;)

42 posted on 07/03/2004 11:22:55 PM PDT by general_re (Drive offensively - the life you save may be your own.)
[ Post Reply | Private Reply | To 38 | View Replies]

To: Squantos

My pleasure ;)


43 posted on 07/03/2004 11:23:08 PM PDT by general_re (Drive offensively - the life you save may be your own.)
[ Post Reply | Private Reply | To 41 | View Replies]

To: general_re

Thanks for clearing that up. I used the "Prompt" option so I'll be abe to see if this ever actually becomes an issue. By the way, I don't see where Microsoft is to blame if IE already has the built in option to turn off this suspicious "navigating."


44 posted on 07/03/2004 11:25:10 PM PDT by omniscient
[ Post Reply | Private Reply | To 37 | View Replies]

To: Eagle9

Thanks for the post. I was running Mozilla 1.1, didn't know it was that old and it was vulnerable so I downloaded v1.7 and that solved the problem.


45 posted on 07/03/2004 11:25:32 PM PDT by Citizen of the Savage Nation (Fahrenheit 9/11: the 2004 edition of the Wellstone Funeral Rally!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: omniscient

Yeah. You could certainly make a case that the default setting is too lax, but at least the setting is there and accessible in order to prevent this from happening, and I'm not at all sure that that much is true for other browsers...


46 posted on 07/03/2004 11:31:53 PM PDT by general_re (Drive offensively - the life you save may be your own.)
[ Post Reply | Private Reply | To 44 | View Replies]

To: Ethrane

This is a browser problem. Firewalls and virus scanners have nothing to do with this problem and won't fix it.


47 posted on 07/03/2004 11:40:54 PM PDT by DB (©)
[ Post Reply | Private Reply | To 12 | View Replies]

To: Eagle9

Interestingly, IE failed the test but iRider passed using IE as its rendering engine...


48 posted on 07/03/2004 11:42:11 PM PDT by DB (©)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Byron_the_Aussie

Have you heard of CWShredder? Sorry if this is a dumb question from a non-system admin.


49 posted on 07/03/2004 11:42:29 PM PDT by TenthAmendmentChampion (Freepmail me if you'd like to read one of my Christian historical romance novels!)
[ Post Reply | Private Reply | To 22 | View Replies]

To: general_re

Thanks, it worked for me, too.


50 posted on 07/03/2004 11:49:18 PM PDT by TenthAmendmentChampion (Freepmail me if you'd like to read one of my Christian historical romance novels!)
[ Post Reply | Private Reply | To 37 | View Replies]

To: general_re

You ever hear of A2 squared scanner ? Seems to be a pretty good malware scanner.


51 posted on 07/03/2004 11:53:08 PM PDT by Squantos (Be polite. Be professional. But, have a plan to kill everyone you meet. ©)
[ Post Reply | Private Reply | To 43 | View Replies]

To: Swordmaker
Bush, it IS possible to comment on this without insulting anyone.

Stay out of it. I'm getting a little tired of their continual lies.
52 posted on 07/03/2004 11:59:39 PM PDT by Bush2000
[ Post Reply | Private Reply | To 36 | View Replies]

To: Bush2000

But the latest versions of Mozilla & Firefox have this problem fixed; but Internet Explorer is still vunerable - I ran Windows Update 20 minutes ago, and IE still failed that security test.


53 posted on 07/04/2004 12:05:44 AM PDT by DreadCthulhu
[ Post Reply | Private Reply | To 35 | View Replies]

To: Citizen of the Savage Nation; All

Anyone know of a good way of updating a version of Mozilla and getting all the mail files and other such prefference to transfer automaticaly. The last time I tried to udate a Mozilla broswer I had to follow all kinds of wierd procedures and copy all the files manualy...and delete some mail files and have them re-created...ect...The biggest pain in the butt I ever saw. With Netscape 4.x all you had to do was transfer your whole profile from one to the other and it was done. This is a real step in the wrong direction for Mozilla IHMO. They should have a way to import an entire profile in one move. I see that you can import somethings...You can import mail from non Mozilla sources, but not from another copy Mozilla...even if it is the same version.(As in transfer from one computer to another) Now that is pathetic. So what is the best way to update from say v1.6 to version 1.7? I know they even want you un-install the old version first. Thanks


54 posted on 07/04/2004 12:22:11 AM PDT by Revel
[ Post Reply | Private Reply | To 45 | View Replies]

To: DreadCthulhu

If you are using windows 98 then Microsoft offers no fix for this via auto update....or the last big security problem either....Even though it obvioulsy has nothing to do with what version of windows you are using. It is simply defective browswer software.


55 posted on 07/04/2004 12:28:20 AM PDT by Revel
[ Post Reply | Private Reply | To 53 | View Replies]

To: All

BUMP!


56 posted on 07/04/2004 1:24:53 AM PDT by blondee123
[ Post Reply | Private Reply | To 50 | View Replies]

To: mean lunch lady

I've got a Mac, and that page spoofed itself into a MS page, using IE!

I'll try Safari next...

Ed


57 posted on 07/04/2004 1:25:43 AM PDT by Sir_Ed
[ Post Reply | Private Reply | To 2 | View Replies]

To: EGPWS

Wow...that spoof works with Safari, too!

Weird...I openmed and then watched the test MS page, clicked on the Secunidia link, and voila, the frame from them spoofed itself into the MS page!

I hope Mac comes up with a way to stop that...

Ed


58 posted on 07/04/2004 1:30:04 AM PDT by Sir_Ed
[ Post Reply | Private Reply | To 8 | View Replies]

To: First_Salute

AND Safari!

Ed


59 posted on 07/04/2004 1:31:33 AM PDT by Sir_Ed
[ Post Reply | Private Reply | To 20 | View Replies]

To: Bush2000

You are actually calling us cretins because we buy Macintoshes???

What the heck is wrong with you??

Cretin is hardly a word to apply to fellow Freepers who simply choose to buy another OS than the one you use.

Ed


60 posted on 07/04/2004 1:36:02 AM PDT by Sir_Ed
[ Post Reply | Private Reply | To 35 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-80 ... 201-207 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson