Posted on 01/11/2005 3:19:05 AM PST by Happy2BMe
IE Flaw Exploited
Security firm identifies exploit technique for known browser hole.
Matthew Broersma, Techworld.com Friday, January 07, 2005
Internet Explorer has become an even bigger security risk--even under Windows XP SP2--with the publication of a new and extensive exploit.
Security researchers have warned that the exploit, which takes advantage of known loopholes in SP2, could allow an attacker to run script code on a user's system via a specially crafted Web page.
Known Hole
The holes involved have been known publicly for more than two months, but previous exploit techniques required the user to take actions such as dragging an image from one part of a Web page to another. The new exploit--a demonstration of which has been published by Danish security firm Secunia--is fully automated, requiring the user only to visit a Web page in Explorer. Other browsers and operating systems aren't affected.
"There now is a 'reliable' working exploit that can compromise an SP2 system by just visiting a Web page," says Secunia chief technology officer Thomas Kristensen. Secunia has raised its warning level to its highest, "extremely critical."
Security group Greyhats warned of the new type of exploit in an advisory in late December. Secunia then upgraded its advisory to "extremely critical" and published a demonstration based on a proof-of-concept by a researcher known as ShredderSub7. US-CERT, the U.S. computer security alert organization, has also published an advisory on the issue.
Issues Identified
Microsoft has warned users to turn off IE's 'Drag and drop or copy and paste files' option as a partial solution. The danger can also be lessened by setting security levels to high for the 'Internet' zone or, as several security firms pointed out, using another browser.
The exploit is the first major weakness in SP2 to have surfaced. Microsoft is promoting SP2, released last summer, as a solution to many of Windows' worst security problems.
Researchers have identified three separate but related issues in IE: a bug in the validation of certain drag-and-drop events, and zone restriction errors with embedded HTML Help ActiveX controls. The first problem can be avoided by disabling the 'Drag and drop or copy and paste files' option, but the new exploit doesn't rely on this particular bug, researchers said.
The HTML Help control exploit bypasses one of SP2's key features, the 'Local Machine' zone lock down, designed to make it far more difficult for attackers to execute script on a local system.
Why do you interpret my cautioning two people who said they use Firefox about the vulnerabilities of Firefox as being a fan of Microsoft?
Perhaps because
I have a hair-trigger annoyance about Microsoft that I really need to work through much further and let it go.
My problem. Sorry.
You should be aware that the Bush Microsoft haters have figured out that the ex-Giant MS anti-spyware product is installing spyware, and then finding it to convince people that it is a good product and shake more money out of their pockets.
Personally, I have had more trouble with products (and lack of support) sold by companies like Symantec, Pinnacle, and some others than with Microsoft. My one and only exposure to Microsoft customer support was overwhelmingly positive. I will gladly switch to Linux, however, when I can convince myself that, with a Windows emulator, I will be able to run preferred applications without bugs. That day has not yet come.
I've got Linux (with KDE as the GUI, and thus Konqueror as my browser) at work (where our last IT guy got even most of the office staff to switch from Windows), and Mac OS 10.2.8 at home, where I use Opera or Safari.
(all Unix plus user-friendly GUI's that put Windows to shame!)
I think Quix was quick to jump on SubMareener because he's seen lots of FReepers who reason 'Microsoft = big corporation = free market = good'. The problem is that Microsoft isn't really free market, at least not by disposition: they want the government to grant them a monopoly, and use their legal department, buyouts of potential rivals (unhindered by anti-trust regulators (why?)), and overly broad intellectual property laws to try to simulate a royal warrant. And their initial market dominance was built on the dominance of IBM in the PC market in the late 70's and early 80's--in part an artifact of government purchasing decisions to favor the 'real computer maker' over the upstart Apple.
Of course, I'm not sure where doctrinaire free marketeering gets you in IT. The internet itself has a hefty dose of government development support: I'm old enough to have used the ARPAnet, which was the DOD developed back-bone of the internet which spread from DOD to academe before everyone else started using the same protocols. An awful lot of the rest of the basic guts of the internet were developed by faculty at universities (a lot of state universities there, and even private universities are partially government supported).
Personally I regard software as being more like the proof of a mathematical theorem than a device (there is a theorem in theoretical CS, the 'Curry-Howard isomorphism' that says in fact a correct program is a proof in a certain formal system), and the 'peer review' available in open source to be a better guarantee of quality than the 'trust us we have a royal warrant' business model of proprietary software licensing.
>>customers' only rights<<
They have been outsourced. Weren't you updated on this fact? Another MS failure!
I think backhoe and happy2bme have it right, stay away from the internet if you don't want to risk spam or viruses.
I just bought a Hewlett-Packard machine with Microsoft system. I haven't signed on to the internet yet. Is there any way I can use Linux? Also, do you have a particular ISP to recommend?
And on it goes.
Absolutely. You can set up a dual-boot system to allow you the choice of either OS. I currently run SuSE 9.1 (Linux) as my default operating system (especially for browsing) and XP Pro for those increasingly rare instances where I have to run a MS-specific application.
LOL! I'm right there with you. Can you pinpoint the exact moment when you came to despise all that is microsoft?
10:48:35 am, June 8th, 1996. It was an epiphany.
Huh¿¿¿¿¿¿
HAHA. I can relate. For me, I don't know the exact date, but the circumstances that surrounded my epiphany are quite clear in my mind.
I use Mozilla, and have not yet installed the SP2 patch for fear of screwing things up.
Anyone think I should install the SP2 patch?
YEARS AGO in Taiwan. Had to be their first product.
They are such artists at exasperation.
They set up impossible glitchy problems to solve.
They tease you with the fantasy that there's some customer support. Then when one tries to avail themselves of customer support, one realizes that
THAT "customer support"
is a false advertising trick
--yet another maze designed to ratchet up exasperation and minimize or flush help.
It's that feeling of being on the rack and having the medieval torturer gleefully alternating between toying and slicing.
All the while draining your bank account with yet more glee.
I understood that hazardous fact a long time ago.
Doesn't make me pleased to have to wrestle with the satanic monster torturing me at my own expense.
Well said.
They really do have a reputation in Taiwan of being one of the most ruthless, most corrupt, most thuggishly demanding organizations on the island.
That's the way I think about driving. If we could just get them other nuts off the roads, it would be soooo safe, but my desire to drive overpowers my desire to walk so I accept the unintended consequences and rarely bitch about 'em.