Dragaera

new Microsoft Internet Explorer vulnerability

Mark A. Mandel thnidu at yahoo.com
Mon Nov 21 11:04:08 PST 2005

My department's IT chief just forwarded this message to everyone from the
University's Information Security Office. I don't have time to write a
filk about it.

-- Mark A. Mandel, The Filker With No Nickname
     http://filk.cracksandshards.com/
     Now on the Filker's Bardic Webring!
     [This text prepared with Dragon NaturallySpeaking.]



\\\\\


Hi all,

It appears that an advisory has been released about an unpatched
Microsoft Internet Explorer vulnerability which allows the execution of
code by simply visiting a malicious website. At the same time they
released proof-of-concept code which has been verified by SANS to work as
advertised.

http://isc.sans.org/diary.php?storyid=874

This vulnerability exists in how IE handles the JavaScript 'Window()'
function and an 'onload' statement.  The proof-of-concept code will open
up calc.exe which verifies that code can be run on the system via
exploitation.  A malicious website could possibly compromise the system
and install malware and take complete control of the system.

This vulnerability was first reported as a Denial of Service back in May
of this year and supposedly Microsoft ignored the report.  Today the
discoverer reclassified this vulnerability from a Denial of Service to a
Remote Code Execution.  There is no official word from Microsoft yet and a
patch doesn't exist.

Workarounds:

Use another web browser such as Firefox, Netscape or Opera. If you have to
use IE, disable 'active scripting' for non-trusted sites or disable
JavaScript.

Since there is not a patch available please take extra caution when
visiting websites when using Internet Explorer.

References
FrSirt advisory
http://www.frsirt.com/english/advisories/2005/2509
FrSirt Proof of Concept code
http://www.frsirt.com/exploits/20051121.IEWindow0day.php

Original Advisory
http://www.computerterrorism.com/research/ie/ct21-11-2005

==================================================
David Taylor //Sr. Information Security Specialist
University of Pennsylvania Information Security
Philadelphia PA USA
http://www.upenn.edu/computing/security/
==================================================

SANS - The Twenty Most Critical Internet Security Vulnerabilities
http://www.sans.org/top20/

SANS - Internet Storm Center
http://isc.sans.org

irc.freenode.net #dshielders
http://freenode.net/


	
		