|
|
|
Exploit Posted for New IE Zero-Day
By: Ryan Naraine
2006-09-14
Article Rating: / 0
There are 0 user comments on this Network Security & Hardware story.
Updated: Security researchers in China have published detailed exploit code for a previously unknown code execution hole in Microsoft's Internet Explorer browser.Security researchers in China have published detailed exploit code for a new zero-day vulnerability in Microsofts dominant Internet Explorer browser.
The exploit, which was posted to XSec.org and Milw0rm.com Web sites, could be easily modified to launch code execution attacks without any user action on fully patched Windows machines.
A spokesman for the MSRC (Microsoft Security Response Center) said the company is investigating the latest warning, which adds to a list of known high-risk vulnerabilities that remain unpatched.
According to notes embedded in the exploit code, the flaw is a COM Object heap overflow that was tested and confirmed on Chinese-language versions of IE 6.0 running on Windows XP SP2 and Windows Server 2000 SP4.
Malicious hackers typically use code execution browser bugs to launch drive-by attacks to load Trojans, bots and other forms of malware on Windows computers.
Roger Thompson, chief technical officer at Atlanta-based Exploit Prevention Labs, said he was able to use the code to simulate an attack but noted that the exploit was not always reliable.
In an interview with eWEEK, Thompson said the exploit managed to crash fully patched versions of the browser and could be easily modified to work in targeted attacks.
 Why did Microsoft delay IE patch? Click here to read more.
Thompson has added detection signatures to his companys SocketShield, an application that serves as a zero-day exploit blocker.
"Its worth knowing about and monitoring, in case someone improves it. But its not a huge threat as it stands," Thompson said.
The latest published exploit comes at a sensitive time for Microsofts IE product team. A cumulative IE update that shipped in the August batch of patches had to be re-released twice because of two separate flaws that were introduced into the browser by the original patch.
According to vulnerability statistics from security alerts aggregator Secunia, about 30 percent of IE flaws reported in 2006 remain without patches.
Based on 13 advisories issued by Secunia this year, roughly 60 percent of all reported IE bugs were rated "highly critical" or "extremely critical."
Microsoft has shipped four bulletins for IE in 2006, all rated "critical."
Editors Note: This story was updated to include additional information from Microsoft.
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
|
|
�������x}kw89�v2�EmGʑ-9IJ<�wz��$)RCR~wr[�/=(ɏg6-�`�U*�
��~$I��c-J1[yD{{?׆P|g�Qrdq
2�ѩey3M�Hf�w2v-Sۧn��> \?g#V;Y|��GA
f�mkh[#ij^Pt'W^O.[ac'H�Hw&�LT.恉J�MLAa|Ola5�{3P\㍒~wny%R-TjN=R9dʑ��f1\ӣ0CF_8(Jrn�uo]]^{-o�_[>ߙekfy
3(岪�?�B�Jg3B~5uV�קkE{#+l}nz
_KtH
��Wh:M?NV�1?x?-u=�kh2�`;�9RRJJ=2OIeL|xyd$YΟr$;�ٞBdu!糎;W=ReQcof
Ȱn��O<Ӡd6�2T��c��]v�jW[ѬRVyka
4}G_x0F�D17ok�f�M�2,e��g0@�M)��41t���v!fB�5W8��,.|i�*
b�Ըr�ݢ@PSnS\.ތ�!E\r+�eF"ȅ�Q.%u���Ć�>�x%Ke}7�pye
CzlNW+3Wb{g(!�.}ױV$E:^�S��3�G#��вnZ�sÚZ.U#",T
b~�^1p�-^vb0B��m�gL�t-?ys: i
�vڔh�>RÜOkCͶcO�Gs�>hH2胆6md�-k$�
,70}HOaI�4WXxȿ\
c�O��%_� �<)fZ��=H�6(Z�׃�`jc˦M@B9��;ǽ�ޚB�,�Q�ݻCiy`y1�&���բw�@�AX4�u�'6(�@=�9f)�ڭfZдc@\juJڀ�;r%Ea3�C7E�ȥs=��]HPw9��J�
B�!L��0��`P䎄b!n��l�bq sg�bX@;7 =*%�nqR%f 930YIbL=?뺾j1!��G�,D`v9J,L��.�[
O��je[-b$4�T(j1#+j1*0Ku_)Læg0吶=r5usxt9tpD'HwH�JzLa.|s|k42u��Z|'1MTsm2q)Ln>4EW,<=Т܃,zo"[֦�ShW(fsᠺL�4C�}�52{B�`n9sc]elGC8&T�լr/j�Y
�b�>5mV�AL ���|�U=kb�$`~�
=DRjR(�<�kp�X"@�@�7wr _
)iT&iT^·Χ3�i:��E7s;\O4M/|f:��gs?�'نdpf�NjФ0V�2Pa�I*�E]13R�%f.xd\4�8�L XbOFt�f�8]�0/-*{5eWhHs7s4J'UE8`
:�fc����txF3�F�ԑiQP3ujIF+Ee�ff!f6,�syEh���j"�yd\s˰e0\j}�r)+jkܸ~ A�Kc6CR$�Ӟ@�0ρ6uT85]-#BY)��FD�e�
S/;4/_129
?^t�sm6S߉ WܕV�����R�5SghZlrC8cJ�rEe�l{sR)�LZ� 6A`ѥO䱧e^�t@}F�M@X�G�\d�����`�А�B(r>��\Q)1.#_,�
ZE`P�'ܔwт.��4�Ac#&�a\xk#}Z�FR5�TB9_VzO
C.ͼ�Y-�2B�0B3ڝ5^@�M|Cybq4q#̨yF .Ɠ!��s�k'�O=�̦:Z�k36{]M;o\!�Lczu8N4+o�ʸ&n�i@�5z�4CodE��sZ|%/)'I9 c
&8-.�_e2qzh7(jMOw͙Oh#�&w}���F2P*�T�]�-�˥я{_ s�i�#g��D>)*J.eѓ�9�O*�,JrZ�(^H���X9�H(P Y�x[!6E�z�!,8{Jeo�[
xr2���=�aZ��aǰ�^-/k���\~?؇^ۣ߫�K(
-��$P�x) WA�h�xa{q1$K�O�}i9?�L�8^pkC {DZ�g0E ^)Ը]`>&/_�I4>`��-{�z_Uށ6�
�`i8~{D(F}׆7�{)g�el_|;�y�Dh0Z^�< hqv�NCB|I{y%{�w/;�j��d���, YE#�B�WǍ�5�@k;d4ɳ(�3z��Igs#f�DH]�h!o�Uuř�c�ª9�q.Dz=x_U��g0�th-� ېco#s�|uk�`!f���1xO\#� rG��@�RPOh�[#yKxZ;3Ğw�}dh��!��:%�e�~E/R)Q\(��OYYuҽjp�l�}FF/JN�^V�R-$[7c+t,#=^/8�ʚ��=�?M��Nj?�!)����4r㿜QG$��rz�K1xc�`s�AZ$~n]�^�i��9%0�\(<�{-~=P��rr����%S�SQ'i�.�K5Kb)�-BB�<9sxР#%tBY]<�Y�'ʈ&H. 觢�fr��5Z!�*=[eb{@ذƇ{6w�g3Kڝ�;/�̃�,P-�Y+HB$/i\A1'`"�,GDx�<�J[L�X!*Vj\�Zr[UO~�'%��6
DTO0�Hr吜ejC=?TemOw�X�mYq=r�츃vd��:Gw*b9,_k=huӅ[do�w�z�$sm�#��.� A�/g�]s6�ͥ��ŠO8E�{�wmhE(�V-s9c4`�י)*5nWe�kL5F�?%�>i[Wq�j�`~%XD�o�BKHԼ9zÿ
s낧 �� �[sfϜ&�tGo;vkm[�FCf_'oc$Ǿv/ٻw�|Zw[q*A-sM?Gso[#D:
wc4W�c�Z�yi�襖N4�?7�w�Bf!A�V֣~]s�՛�3�L��� c�*�v4�.�߭[ݚ�8)<�A~F<�vH�4�)[3y:Z}hf;��⫆̖�?�u õaV��aj8-'Ib��wl;�#ƣtǟ-ۊ&ZQ|;�N8S{K�8�W�p_U_r
_?�����P�?�?\=3q�
�ZЕqi+B<ыO�-1j͟}�ޏ�ֈi�ZA32ϦΒЙFMQ/�,0eRKˍ^^�'�\/G_z?:$,�L�=�i: C�~�v�,�FD>zԣSӆ5er&CB�;-ΉȽqWQR*hbq�vu�HoS�
.]j��˶��H�G�|���̺ד�曻6fH��ۀ�ۯ?�o3�A�Xn tr�h"7%qG4E)/"7d]k"4eJAɚD�n*�PbG{1G��A��Ypc�2� ၪB7�)f#�~w2�@V���龒af9"�TFmbs'f��/H�A�gՐYna�3�gΝwG�zj*�fe`"w=zga�O?ZiYl
����_pc%+�}�&%iX(G"�n�/I�o�vш؍�z?Ab2�*&v*�mzT*�(-怖�Ђ/�hjt@kmB4F*Ϗ&"��tH+5dI9��<�� O}FKO,��7;QJ|qeA#W΅�cê�&]�H��.�v���-|yfSg@Ո@D�(軫ٵr^;'7����ˬ�Ji�Ԛ!a2㻴�iI "G'R}��T9S*[UI}ʹPB8��ZAA'_��[Y\g'n)I0m%\�'�3C?&}'ԓzu`ंt�c"7{RtV[�2A&��$z@*�_vz1z-]Skm9zR|p��C�>,�tjiwҵڸNE4P1}\��K�ץ@eے�]U/�$-�K/�NO|}h ~'(I`�i
G��ī�ۭ��0��*4=.FK.b9� S�`X9`x
�&u87 5s8�0" ژ6A`�D@; ��(1�H8zm'.+KJ�m\tz\}ï��lPS8
^X��e@:�ۀS=|Hrʺg��+d�ߕOq!g�7~w~w~w~w�X-+ӝnz9_�+�O!jPM*(+ybÐ#�_?=z7Ӱ
��F>�TVA|e.uԛ �0ۓԞ\m0Ks{RÂ"A$N~�JWfy`uaA$hT�kvI�2�#e�rJ�O$K([n[~y�7��e�a�i�aפ9V-)IMqyPZ��g��3�,i?�,O�x��9�?�ĖYxIݒҩik0�jHg3Ik�-R01�င �)��A�xeS.�hn}[r@92L�#INAq�*fۄx!�~e5�۠XߢҖ��W8Slژq
1cɧ�9:7o�O3d�]3
ds"cWa}
�J�gtKR�c1Y�m�1SA�rhh^!W�{NHUZiq?q$��h�U��A�1/�7=D{[\֞΄J�~ΠNY fǜvoȷ:@x;,[U~�JQ�8}d1fIԙY�wbC;R� x k��p/6dr�unNw}[})y)o3�>�9�p�,*aU67LیH�B{~V<-8Mq}T:qДI�55!T[$|k"o�߽�Pn¯{|�\\t��k\ͱmJN�lfwteiu12sU~5vg$�V!U_{x�1��sN,��Gn�xRoWGw8dpoWo�(ȑ��hM;4S^\Ɨn�\w�ģ�{68wΠ\Wg(�`�|�+ly_᚜ugL?JD%R+_< rO|k�vC[�4k�n{5�T�S'3h�~�̹l&u1g6S7y{�m_P3o�6~l�[V���0yP-zf3�@VE]6buԹKަ\F?cg�f�@-Aɼ#�Ь%5:&OJD�`�?W�SXH)�2�J�Q2��k`
�n�|���.';\@1��;>&Sj�έc�orPTl)%],R��T[ݷ(A0�B�UkXbw2ОįL"}`#(hILÑBu�sTAV�~q��vEpjv{>ě�;:&$�A�'wf"spz;P+�9��/�~�-�4-=ki/� 3c0v�f8Cn�E�pKe%]�O�/
:ä="Lz�RG4[��\0�7Dy��ꨯ�7~C.Fʛ%]J&�YX#L5Q�?Jq}~�nH>I5;4O:4%d�xG��po(\x?��
nF@ ]p�oͲ"~�Q�zZAw9Ƕ%褬TF˸1a�cp�X�%�H�e�_!�@aD0솉�dߙ-böK1�ʱ,
<~�!w»uR4�1�v�ez̕���4>��x!�Fv͏{�Kb+I6u;$Qp*+j5"��A�^�Y]$!cJ|D�,?��t�E$�/]V|�`�~l?��Q�X2�t69/)qy�wYK�6�qNfNf^Ȣi����\1�\ۨsUeb?]C-ttAk-c"]L1x~��[MLδֈ1p*B GUٜ�Arj�5�8�^�RU�BI��ϟ㝯�Z�k>�nl;X�3#66ķW�xc;Xicy�a�hS;Xif{yl�+n-浻sxB(ͪNXr`hi*_{>u����
ue�^vELt��1�[Kx6_b���~�R&gI*
]Z ��0.2��l�VɗKssET�V;;W}搯Z)(!��Wa1"*Fp`�+}^pYDX:Tga^07`^,|�83�\*!EO8v)ed��}TK;H`m3c1 qm}ן�@�r�|w\�כ5
=^b�gJ�h�Y�п0PY{wi/*��~Jk �Y�tn�'HN��D
\
b�ݫ9��RmF��:6z_`�yZ^M`.=8ZXYrV3"-^`oyӶ���mmq%]���F5Rd�3�} g& �s�fT75|G*ńV¯R�^�fjx+nO5�g55h)&mF(h ,a�'
ɗJnQl+;Y75��^�U@8AnI�ʹX3Њ=co�I XPp3}��M>wP*�(j- U
F��d�>��hӑu
oW`�\ zZ되̥�7b?= M�8����
roE�VIr# ,Ő|?Z̄D!��"?��quj}D~hEw[W=
d.Hyp樯Md� �`#w;R�M큰3��Se�\�ߩ>>c_!'va]Q
s�3�]a�p�D8��˪C�{!�&
�-l
� \Z��q4�pL7zuꢗ&�IݾHa?Ð�s�{�S�Z"Q_\1��@Q>ɹy�~1&V3&"��L��m�a�nk\gJp�s0G#1C�LD:5L[lFN1+AtYXwۗLQZj��*�!b3wȥ4͒o ɜҿ�I&��K�>E���T��&}�nAm??~��e�ԋM)Aw�a/x���lx �Lla`t��.Pu?�MgG~n2jt:t0͇S4�f:3j��:r�tT+r�b8KM�5;ӟ{,ȏ]@mݜ�(�8��#�Ja�P��h$bcx=9 J<_7]}m?g�Sd'(��
�@Ka1c�~P\E) s]��+J1vP=AgL͔r_;i_C)?Rʿ@�<�>vNt�N
�I�з�ЧÛlRʁ?;)�'E
�sJ�
RށNJ9E^\�EuݔwAtSO�K7E\�\%�U
�^
=�_埀>g(V�}N3s
:�:S/>IR<��9k\���8�K�"2SZ9,.NSʫPJ9(O�Xi)Zee
KL)~�y/�D{'sg+�I�_W�KI0�ntӖKT3cn9:HAb�a/!
c|U$X2M"{!#(yE#��B�h��toD.�|.Ix�=0?Mu{�1پWߕ\*ܢ�}:aO+XE 9�8�W0ǦY iәz��|,y��|ޥ8cNtKYʘ+wU/SyK{>{S+L��=��q*%���n
zq���
x�L|
~io'[Dpqk;ُkw�Օ� ~3_b
9)?'OpVf2�xJ�U-(er)sWr.gY〈�W *+99W!=a`RZ,�&���K<#
��.=m^%t f�5ˡǎ�!�pA�f݊�C Dk(��x.�x�mDw�_ƴmBf`�-|y�
ގd�@���o��9X�-.#��Q!+ fx}3�1�lƪ1iR�
� {{�[2gډ�:'o�$Q8�I4�75�3ʕDq�
�hdգ칷h9ıմ)9P3�l1@ө6�UT�m�ψ�.LESzq�;ċ#8��*,_bY\s�X]�M['l�yl*b)mԿ+
dHtr�Y���;$y�F(�3�>tAxa�p�7t�-x�Կs� .���"�n+a�VLZ�AYN
x�n�v̹,
̸&�$ʽ/a3 Ӯ�h�ꐾsȎ=���Q]|5hOu��Y�Bf7�[Nʀ_o@n=,N6"f;.�̆I
�ůD|݅N,gns��{�P3xX8�5�g[\Ǚ�@��w&h�\~�_aM{~㝤R7�9=x`&<[�Ä'@tbc�HAأCOv�֤
�2�``?94�#
�>}T.Q
5sE�Eא�E,&JhӄZ�{�fBM�'K�YcӘ2�t�~7,�1{+0�_i
/�Eg�FӾ$=ǚ��X?���f�&}#K���^ƨz� 6�Iϐ�Rȿ�K)�#~��W�n,='�DOj���ӦUMDf@gQl)V_HR˙aNm�%� 1o�)b%:�Fkv[�%�E���`'/2^�;'��fsO��8>eC[gIRT~kJ]*P�=fZPO]�n"�,gqo=Gmk_V�e�ń�!lz6Ҫ$��5ׁ�.��PɑX�)u�l|o�{/)0XP�7v<�p2�I>0)n�9iw�3YD:�9����A&{x5�ˎƔQYɶ��x
S�O~n\y(�oݒ��\�k<>c�iЀΣ^p穎T�U|��J6�A1Z<�&;z>ΝE1�C2|
l|$_xª~SAxr=H'����з��57d�0[|
܇���5HJ��D Oe\!n'�`�cwDl�.5��./Y&
pWa!*e71MP`x3�"gw:G-\��X��x
k�ok3gz��׳[���<-v7�͇MV�ek[$�v/-�Ǭ�vJn�S.u�7tle"�@�]��� �D7#@*r|�X^c �0У,*0%9
q얢U��.nDl`a�Nn0n,D9&@�c�6�v�)E=b농tD]�khT[[�!**�
��/ߵ�5pݼg®"�vyX��A\XIڙB�X�<���s+��o=e�;3F_�{0^6Op2$82��e�pCikZK� Dq]�
�XǢȖWQTR2!�;�/fD?8��ciL��;fcXJ
�XF!&ۅ;�O80�Ux|�-h\�}[Mt,S0#r�X)��j$aZ!%իrX�ul�#�"jOc�V\3z7tZ�31nBM��3L�l&j1Bi>e1�af�r皰�W`0M�Z�.<'�Ȳ�(`,��Lv"V�kMΡmbqR!Ef�Ʋ�#7cP&X��-ůB@w�S ��.x C��,$?��ˋ�}P�39�9�.@OI"cXM1}aEo�|i�w"34�7N>~~hJAE�e遢%!t$��!ջl4�xY?a(X�E�Ch⍾#01|4ߛ3Ө)jI-ǂI#;ov[�b$-�U.I5W䷺v�3��F'e1T�>\J�BS+8�Z/W
gSߥT�F̚J܄;6�6BKslp�6�1���M '��
|
Network Security & Hardware 
