It's baaack! IE users are vulnerable... again!

That vulnerability that MS "patched" isn't as patched as you think.

         

CritterNYC

3:31 pm on Jul 7, 2004 (gmt 0)

10+ Year Member



Well, that nasty IE hole the size of NY that lets anyone run any code they want on your computer... isn't as "patched" as you think. It turns out that Microsoft only disabled access to the ActiveX control that had one of the holes. The other issue, crossing browser zones, which Microsoft has known about for months, is still unpatched.

And now, there is an exploit that takes advantage of it. It simply uses Application.Shell instead of ADODB.Stream (the ActiveX control disabled by the last "patch") to do its dirty work.

CNET News:
[news.com.com...]

The Register:
[securityfocus.com...]

The updated exploit code:
[seclists.org...]

So, once again, anyone running IE with Javascript enabled is completely vulnerable.

Regards,
John

encyclo

4:54 pm on Jul 7, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Of course, Microsoft said as much when the patch was released. It was only meant to protect against one specific attack (Download.Ject), not as a corrective patch for the underlying problem.

There has been a lot of noise about this, but Microsoft have never claimed to have already solved the issue with the vulnerability. They are still in the process of testing a solution.