Microsoft releases IE advisory
p2p news / p2pnet: Bill and the Boyz admit a security hole they were told about back in May has only just been patched.
It concerned a stability issue, "that caused the browser to close," says Microsoft. "Since then, new information has been posted that indicates remote code execution could be possible."
The UK Computer Terrorism group released a proof-of-concept exploit for the security breach which allows remote code execution on most Windows systems including XP sp2 and which can, for example, be exploited if a user visits a web site controlled by the attacker, says F-Secure, going on:
"So, one solution to this problem is to disable Active Scripting in IE. Another solution would be to use some other web browser. Also, as always, running as a restricted user greatly limits the damage these kinds of attacks can cause."
SANS’ Infocon alert has been raised to yellow.
"Microsoft finally research a security advisory regarding this issue," it says. "Based on the advisory, Windows server 2003 and 2003 SP1 are not affected by this vulnerability. All other versions are vulnerable."
Microsoft says it’s "concerned that this new report of a vulnerability in Internet Explorer was not disclosed responsibly, potentially putting computer users at risk".
"Microsoft is investigating new public reports of vulnerability in Microsoft Internet Explorer on Microsoft Windows 98, on Windows 98 Second Edition, on Windows Millennium Edition, on Windows 2000 Service Pack 4, and on Windows XP Service Pack 2," it says on Advisory (911302). "Customers who are running Windows Server 2003 and Windows Server 2003 Service Pack 1 in their default configurations, with the Enhanced Security Configuration turned on, are not affected. We have also been made aware of proof of concept code targeting the reported vulnerability but are not aware of any customer impact at this time."
Also read:-
F-Secure – Internet Explorer 0-day, November 22, 2005
Infocon – New I.E Exploit Security Advisory Released, November 22, 2005
Advisory (911302) – Vulnerability in the way Internet Explorer Handles onLoad Events Could Allow Remote Code Execution, November 21, 2005
November 22nd, 2005 at 11:56 pm
“So, one solution to this problem is to disable Active Scripting in IE. Another solution would be to use some other web browser. Also, as always, running as a restricted user greatly limits the damage these kinds of attacks can cause.”
Like I say, I’d rather stick needles in my eyes than go back to IE. I cringe each time I must. My Adaware scan after my IE visit tells all. I don’t have that problem with Firefox. You see, I like to know who’s coming into my house.
Long live Mozilla, and friends.
November 23rd, 2005 at 10:28 am
Yesterday, I finally got around to downloading and installing Firefox. Someone please kick me in the butt for not having done so years ago!!!
Firefox works so much more smoothly! I’ve had three Linux distros ready for installation but have hesitated — until now.
Yes, Virginia, there really is a world beyond the confines of Microsoft windows (with a small -w-).
I encourage everyone to try Firefox — and I’m not associated with them in any way. All I can say is: if you’ve hesitated, like I did, hesitate no longer!
November 23rd, 2005 at 2:42 pm
An even more elegant solution, switch to linux
November 23rd, 2005 at 8:59 pm
I much agree with this readers statement. I run Ubuntu Linux with Firefox. I have no need of anti spyware, anti virus, anti this and that. It means that while someone else has to run their scanners every day or two, depending on their concern with security; I’m out surfing without worry.
Nor do I have to support those annual fees if you run them legally. If you don’t run legally then somehow they always shut you off and you wind up looking again. Have you ever considered how they are able to tell that particular install isn’t legal? Of course there is always the spyware they put in to look and see if it is.
For a long time I feared Linux as something I would have to learn again for an OS. I no longer fear it and use it everyday. It doesn’t need a lot fixing and Linux has grown to resemble winblows in many ways. GUI interface should have a winblows user right at home, right out of the box. The days of having to run Linux through the command line is over. Can you still use the command line? Of course. Do you absolutely have to know the commands? No. When there is something that must be done in command line (and it is extremely rare) you can go to a web site and copy and paste to your hearts content without ever typing a letter once you have found what you are looking for.
Even Microsucks realizes their biggest headache is the wide open OS they have set up. Every spyware in the world writes for Winblows. Almost nil write for linux.
Don’t depend on limited access being your protection by lowering your admin rights. Some of the DRM stuff has shown that it even gets around that to install. Securerom is one of those that do.