‘Extremely Critical’ Windows holes
p2pnet.net News:- Things have been looking good for Microsoft as far as security holes are concerned. However, the picture has changed.
Secunia says it’s identified two new vulnerabilities and has tagged both of them ‘extremely critical’.
And both are actively being exploited in the wild to install adware on users’ systems, it states.
Secunia says that in the first, a local resource access vulnerability can be exploited via a specially crafted URL in the ‘Location:’ HTTP header to open local files.
And in the second, a cross-zone scripting error can be exploited to execute files in the “Local Machine” security zone.
The company says it’s confirmed the holes in a fully patched system with Internet Explorer 6.0, going on, “It has been reported that the preliminary SP2 prevents exploitation by denying access.
“Successful exploitation requires that a user can be tricked into following a link or view a malicious HTML document.”
“In simple terms,” says COMPUTERWORLD, “the link uses an unknown vulnerability to open up a local Explorer help file — ms-its:C:\WINDOWS\Help\iexplore.chm::/iegetsrt.htm. It delays executing anything immediately but instead uses another unknown vulnerability to run another file which in turn runs some script. This script is then used to run more script.
“And finally that script is used to run an exploit that Microsoft Corp. has been aware of since August 2003 but hasn’t patched.”
The solution? Disable Active Scripting support for all but trusted web sites, says Secunia.






June 14th, 2004 at 7:20 pm
Every week they find an ‘extremely critical’ security flaw a ten year old can drive a truck through.
I am still in awe of the millions of idiots that use this cobbled mess of an operating system for mission critical applications like basing voting machines on Windoze. (see recent stories of Diebold and how it was hacked in minutes)
What a bunch of morons!