Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


SANS Spots New IE Vulnerabilities



 By: Matt Hines
2006-06-30
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
Two flaws have been discovered in Microsoft's Internet Explorer Web browsing software, one of which has been labeled a critical vulnerability.

Researchers have discovered two new vulnerabilities present in Microsofts dominant Internet Explorer browser, one of which has been rated by security experts as critical. Both vulnerabilities affect the Version 6.0 iterations of the browser.

According to virus watchers at the SANS Institutes Internet Storm Center, the flaws were reported to its Full-Disclosure mailing list along with related proof-of-concept code. However, the organization said it has not yet received any reports of the vulnerabilities being exploited in the wild.

Researchers described one of the glitches, which is capable of allowing so-called cross-site scripting attacks, as a critical vulnerability, the organizations most serious rating for emerging threats.

The other flaw was ranked by virus experts at security firm Secunia, in Copenhagen, Denmark, as "less critical," the second-least serious ranking out of five assigned to such glitches under Secunias system.

Microsoft officials did not offer any further comment on the security issues, but SANS, in Washington, reported that the software giant was aware of the problems and researching their potential impact.

Resource Library:
According to SANS, the more serious Internet Explorer vulnerability can be exploited via the use of certain HTML applications designed to trick users into opening a file by double-clicking on it. The questionable file has to be accessible through the softwares SMB or WebDAV (Web-based Distributed Authoring and Versioning) protocols, and can be located on a remote Web site.

Researchers said the proof-of-concept attack they were sent is limited in scope based on the fact that it requires the user to click on an icon to execute any potentially malicious payload, but the organization said it expects to unearth "creative use" of the exploit in the wild "very soon."

One suggested workaround for the problem is to disable Internet Explorers active scripting capabilities altogether.

For advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

The second, less harmful vulnerability is related to the Web browsers handling of a specific type of HTML property in the software. SANS said abuse of this property could allow an attacker to retrieve content remotely when a Web page is viewed by a user.

The company said the vulnerability could be "potentially nasty," as it could allow attackers to retrieve data from other Web sites a user is logged into, such as a Web mail account, to steal users credentials.

SANS had originally reported that the second issue could also affect Mozillas Firefox open-source browser, but has since rescinded that claim based on input from other researchers.

On June 26, Microsoft took the unusual step of releasing a formal security advisory to warn of the publication of "detailed exploit code" that targeted a critical Windows vulnerability. The software makers security response unit strongly urged Windows users, especially businesses running Windows 2000, to patch the vulnerabilities addressed in the MS06-025 bulletin because of the potential for a worm attack.

Click here to read more about Microsofts unusual warning about the release of exploit code for Windows.

The MS06-025 bulletin provides fixes for a pair of code execution flaws in the RRAS (Routing and Remote Access Service) in Windows. On Windows 2000 systems, the flaws carry a "critical" rating because they permit a remote unauthenticated attack vector. Both flaws could allow a remote attacker to take "complete control" of an affected system, and because a blow-by-blow exploit has been published on the Web, Microsoft is bracing for potential attacks.

Microsoft typically addresses security issues in a monthly update.

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.



  Reader Comments: SANS Spots New IE Vulnerabilities
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Matt Hines
 


x}r㶲s\@♵MQGJɖ<45SHHbL\$e[O]'7nBKL&{$%hh|G޻$\8auE1>=zg{HRcoM#sJ9Az#:,t}w5k99r z=>;|/s=NN5%SjNA]m3g{z}_6gڄ2z9o0 fE63F6IE9JG>֥qȏB4IEc$+#'x8Ӽi/DaO؀HM"x<&J>w\'{dY (ʻf{iki#2pj9Wy7v!6^ ;s9Fȹ3oWni=3d9';{ -XdUjL b#2R!c7`Ww,ǃɩT*KTjQ3cmfZ35-3ǀؾQ̀A3E5L_C($fʀ[8Qʉ7<{eAuӱaGH5#o8sheynJ| bT9,EiνoDUyݙ|7~_* e*Gq7Y} mm99xMS!LEsz}qN5nxvtx//0wFD_"QYTY|/LZ@ ,֓P? uNH5}(D~ZKEKXOR ])1N,R8Db9O-Ҿ;6OO;3$oIJ5<jUU*H j vFLEYsYڟ:>gg:Qڟm3H/klxmaf;dP[w8LwZ|()~hNd@'Sdx*˭A|н  '|#8U%Kes7p@WM}rjNTꊬ2Wr{熷HK\zcOguEW~?u~}T%glh|X.B2iK1.PWGojۛjrϏV)Ûq *aG-dj`qaeBݠcmnyw~NfI|F s>4N< YC!ʠڴb{\fS4!E&M`;^h>[ <[ KPA}x3z&z(4H h&r<kIMlLJ.??6 ; G`rɝ 5y05ݻ#i`y1yjQ?]*~hs`-D>o 4F&QcSB\jÐx?k1 %@X mAt"BђF 4  gsX"C"'' [A7w$]KI+\fz"BI*Cvn ˥=*%nqR%a 3ʬ$&vϏ[LboD6], S mo3-muk{T*aiқM݄%Gn]ռ's2H`:ii`2Ԑ(ʲEg9@Azn4ǀs Xw,zEдBk`JAqy㻀 2&٢͙iÂqjS9_A\!4Lh,G7u準I(BZzI2ۿP.MmEc7˅L4 +׬uPL g<)*[hs< ):ȭ}3R7)\PJ=&"ǰP3>p(^HIbЙj!@)zէl.>?ΖME֊eSG{_No6y2Kmg@y# dl+Z1 E$$BY`}.eGQHīd - 6:6pȞc>7l`( rQ G&,-sV+^Ϛe+ L 24` DolVCax5Zz As,K[fL?C=(-JPT$' q/#Y XTر,>1}6Ț a(JuѧI״& gzI8*'og+#aOQ*# ko`" 2l3sF&/ftwE% i4Q* Mܧh&\3atSӧ턇4`Hkڸ/|P"X 8|F> B&ODBR Hg[QZo3C zoA$zcK& O>pӞrVyC濚?O=~2ԪbV= (qIV߬ (9)3Ku)*|m1Dw7LFi Y<\8JoC0t*tȕ`s|eLFjAB;< ry-0f]pI4SJ ӣzp|o) nrʃ4t]3@$2}}v~:N HQVAq{s;OM*?R'%:"pwCTEetXݚ `1}jDa#CP`f0%+ #m6QJs8-"vV;KjZSR+b::>JN枏+ӥ ,GϺ]j}u¾_YN_7{%|h#R @ j` Kx{ZCAm1۩Dw]܁c2P=H(Tg7gME]ac6U{zn&)Z-MӫU;4zJ幛>67'oj-rFLk 0j(Y|;` rfVɍZtNd_&F}G ϓGj91ߖ,09EW|փu+lm?`gk`pl1\APB lhܕ[2_ r6_?K}[L4@V1-0]̞̙-mdۨ*X9 2s'Si mm[Q CzG;9&K!GTжU0Hz7.qLsP$Xv迌*KGɭX+qy lSRZ/ւ `PS*z "@#+}t'fPzQ|Z#&jۃ|$XQ]zU&CUT-Vr!!~ͳ!VQ%'"ZAX_xLl AKl!/`.R(S/"hD]R.)3na/ ~egm!P?F˔[ā0W?4$NcVqDMc? h)k4CoeE*:&ZQRj“pӁ9t{@&l~"tDǡh2)dnQ==׍!n@?ws̡f 02Nr|$UJZVJ=H4 #uL)UjJe!%O.'-U*j vq ^`|"@)c'd8'l{H ' aV*S7~.RH#+#I q`w0kb1ǟM1Ήy}Z+=NL_BP`&w,OɪO@T #NEw%]w7UO}ֻHgn1@q3f^3.;QaVvXi\#-HV_G|L`ueKtlb8K} LAIP 4t=&!}F́{%%U\y6ElFp0\<!9аIo0un}R|IwѻGE-%{D's=B DH͋#䄬W!zN/fS L k;d8)(hdqH/=^q@Wһn9`R4c5Ig AE׏7y4eVﭩ Bp,`$X*Xu2_]4?GG2sE9^S PW2REHIAZu_f| bt<~Ut";Po)J!~_!c&o8~ɮP6hLVf:n|"B2Nlp l_tEcrF4-K_w "tSOkԛ#25 &r֚SE[D-{B[QTwJޣd$zdeafIlx4c%RJɔ&]'C8 z>SB&T ˓$-+I^O eq ie*ʒ*~(i'1ۡ ҡۓ_5/G8{Pt.+P}sXd<<RpLCRàsڼ e!>OvIJh 鳁VK IN48=Na.Or/uϏ*Um_f=z@:'M{q?K8:Gw*b9,_@ݾpne9?jwh{tb5o14L,*zj6;l-39&i ј@.-vd14Y aAXy h79g; 91<O$[euw+[c³D`GHA3}缩gA jm9itpUE0p1~oE[ά1!Ifm1ZP|9ߎ93{K4Wj Z*2kp+cS[K//.94y˭0L L ܻ'Vxe86[b[05| NKGֈi[a32O2͙F]QO>,0eROWVcXbiE7!)%xpe$Ƥ[& iv a} oŰW={Mra~azrK}|T&r<@vZj O9z'Cq$eA@X23J ILT}gIhmh'D~0 YQ3-ν4pVFFjv]Lyt"M6|p4^["Ql *GY?eF餖3PngU'YT0.g~}db7ĞeofmSMI۴!SCBr3'nnzꈬdv"''hN&x RS 㱁lPQ_,Ch8ړ8Yb6T&Z-DSxF(?n7^Eπk>P!*`@=J~4 J9IQy#P?VbPP1T9"LyW609nYy*Y,sBm0/Z4L Dp3"LD4v<4> $',3K=m8~?"!l"`8K.o"LV0KB& Dt4Vouq7 W+og2Q}:=p&Rӵk O`B:O%80×3AHG([;(mThIK Qt93*]YsTN[jBE jl @ E]/SNv"CIQ$-N"Nȴ1[ He =K= @VMRzPV`Q-JPaM \M+Z$( T4X ZܖB˯(P__@eGdi{[aK<-V1d$JqxFפʋS%ך:RXRT,ɹ8*c6W'i B$=1gUM :r~^+@󁂦A[JnxY׽:vgįUNUٸOG (epٗ˻1h.X^:eJ7/uRǠT9W*K G>.VyX=mFFY?[{r^PmpKH l%6LV&PtXĕr_-`+?ͫ awr3*8:o>>_DA|* sF0s`-gҶnqb,kbzF:֥<[*Hs̃ si*(p@",#1 0_űa4.ooIW+>5Sк3)E]" q&~<{^rҫ/+ziL~ @v[txMs?Fqo&a&UǪzKA x Pmx%jeKk/H /gkﻤo~s}s}s}s}νrP{'߼KǍ׶ю߲[``n#!HDی m ͪ}a/cX۾y S*P?ǃO~ΎExUOn_ߔo9pۍk_kR5\%]Qǵ($Fd?p m=x]2@K@"FD }.x}&9i V.Y%r ]ӿ Dmh"jfR|iɿ#n޷8xɦRߜ&^4o*eRQ `R/BYkv`#>qD[O@@ ^S94fY417(jy_Kݪ_xģye XlMZ~ '[b>*EwbVd@.]h ߐ}LI˜)4ϯ&cݝBQL-Y;cT<ITnp=jh D֤H fvZZjP(c7Cy^ Y׽GVjjJ y>H ÊjZ;o]s"bq16~xҧ%E>-^awv鮥UA/ml*K Dؕ_i; n Hhc̞vx^yَM݆[kn3r959?/R\mD 96z_a8Rm{Ω05r1S%'{3.&Yqۏ(ok[s!=ڥ]baiL &N肜kfM--FKuSC53?b)m&, <W0aayG )VZaqb+ZAkbp<ҡB+qܖit _|B'`߄ c O0rt&7Az$wp O?>|6ڄyi$Yc r'o\IxcO)׀!gȢxRWH7}H['鍀IC䏖+62s^_Ѿi? =4;}ӿh>zx d!/9ku/ւ]&4q1 S[EF]\S3Y0xd+JAW: wCGyv;}ꀶк|U-~m#kA1H3v^o| E cDTw.3OaD9P=SqbX"aR1Q(pxi|wv`nOKZ‚ 5" ccmDR,) 0鄿aں5g1;mɗe D> z+?,QY G3wأ4ϓ/}zTP"0XJdt.JgUE d37  c! v767PF-śA~guEq HD+^@03uG1K50 }a3B};\`rgrֻ&MrvnǓuj]E6a[kN|SwNzϧgur,&hT慶xQ(;OFYm3;eNq*gڃE BWh,Y.284dG_14e8uf@׋'a~\<)v}YQ^M21Sl-3|vuQSȐ:|jQ=+l0C=W鳷 p!>E/ڧһlIk%w@CF/PKF5_o.?m63{P(GJl.oZS(?\~9{7wrN+2ʡsQdC?( 7_ ]g-c~0noO賛A]n}"^f(?@?2ʻP(̘K ̘ȟ^|eȗ+ W~3gg7Ƞ_?}}̠OP))c|2w7Y@7{dwAI]'Izʛ|ּ…)IFy98ɠrEV*SV9,.2x|fOvHy1jo|V/O 8uߜ:RNw }YV&ƀY8'}p)NBhعkjZ|t=påzA|7q X1-H$GR% J\䎿ߓN0mzp@Dd(jE\I0jpX.U&zg l]{ۦJ̾jCO3CX)ḇ}̺lk %.<+m.R+Xڼx-y|yN؛ڎy@V@,(s[^FlB#VxW3ϩc 6V{[1g7ډ:Gq8I473ΕqM\ -تGШs7Ӧrz Lsx3UWs 0 lJ//ӡGxA#KQ,V.n k`V{﹩r-#2O,UE,%OB.:P'GW`w|!+C0BkN#oSaxQp&t䝈4w[@. " n+QULZDA 0uV`wƨ=fmb5)"R IvMB8GړL I ZxU{4vdL(1 kEF(t#B !0!K W[l,)1{;KH.ZԿsg9-C{)L9.ꃧrSlY`_CBbЗ +{:3Up6 I7T`'8Ǧ a4:R/X9VF  u EݩcE\cͅx{p߮da?>N@6AыpOaƵHzgĠ#)de hqzF߭Uh#IM &Ah&.5b8gK“J'Ңwr\鱻$Vr.Q =nַfUSmOTx/ē_| PgWbz`#Yұ ߞQ DOQ[K|iG:AߍKd7-YmˊL3t#[G)땴VХAG[=$sDs݅ ߠ^+yJ>? T@|- %{\6LDRg}F0~N:]jV0N9DePoc约1cbV!qdFӧ-[@# e`0v4aeh)Yձ]w O 7g}4,עƄJ:Ɛ=٭)0p,\ftOG6AF|eKoy[=L_&%\!dʵhlg`wDl .3*OYE hWa)*e76K((Xp^'A6ti9;>BAr"#<[^ҵyf#ŧ3+owt-(odVw(̝,ӟ~H϶Q5¶`w{|iWeJpC)tO˞ĕ˰CNx3AEX (K#L{9NRnãÍGHǸ׬[ [ qy6` <Щ1 G:q3r7MvQmQ#xaW:~ib=yj=/kW؁nl`Txq;s[_08alX  ^|޹+o3Љe{4^ζpA&}k\ȏ,,L[뙗O C7Ѱ0 L{,luEG%RrNCa 0F :h2 1>.f@h<˜4W6QĶqy4}qX0#ŸEr gc"aZ!%ӫrXotlQozc|>[zwD,5bb:(-zk|XKc.&Ա`=br8Lte4Q3|JKm)胋Ƚgzd>]x OgWPэX-f1!Dv88)ҡCCԚR!E´#T 1L(B,RYדWv!{Zq΋|E>WNENE<<*IDy{S/|џ],?I*g\`