Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Killbit Workaround for Zero-Day IE Flaw Available

    By
    Ryan Naraine
    -
    August 19, 2005
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      The SANS Internet Storm Center has released a “killbit” package as a temporary workaround to help Internet Explorer users thwart malicious hacker attacks.

      The utility, available here, sets the “killbit” for Msddds.dll (Microsoft DDS Library Shape Control), the COM object that can cause browser crashes—and remote code execution—via specially crafted Web pages.

      The tool was written by Tom Liston, a researcher at Intelguardians Network Intelligence and incident handler at the SANS Storm Center, and is available for free in both a GUI and a command line version.

      Liston told Ziff Davis Internet News the tool will serve as an effective workaround until Microsoft gets around to providing a comprehensive patch for the underlying vulnerability.

      Liston, however, warned that once the “killbit” is set to prevent the use of Msdds.dll as an ActiveX, all applications that use the COM object utility will break.

      Detailed instructions on using the tool are available on the Storm Centers Web site.

      Microsoft has already issued an advisory confirming the severity of the flaw and providing pre-patch workaround to help block known attack vectors.

      The advisory follows the publication of a zero-day proof-of-concept exploit that could launch browser-based attacks targeting IE users.

      “This condition could potentially allow remote code execution if a user visited a malicious Web site. This COM Object is not marked safe for scripting and is not intended for use in Internet Explorer,” Microsoft warned.

      There is no patch available for the vulnerability, and because exploit code has already been released, there are increasing fears that a widespread attack is very likely.

      /zimages/6/28571.gifClick here to read more about Microsofts warnings of a Zero-Day exploit.

      “We feel widespread malicious use of this vulnerability is imminent, and the workarounds shown here provide sufficient countermeasures to be applied quickly,” the Storm Center said in a daily incident diary entry.

      Security alerts aggregator Secunia Inc. rates the vulnerability as “highly critical” and warns that a successful exploit may allow the execution of arbitrary code.

      However, a malicious hacker must first trick a user into visiting a specially crafted Web site to launch an attack.

      According to Microsoft Corp.s advisory, an attacker could target the hole to “take complete control of the affected system.”

      The Msdds.dll COM Object is used to provide a built-in shape for DDS Designer Surfaces. It is used by components such as Visual Studio Database Diagramming to provide a way to visualize database objects.

      In addition to Microsoft Visual Studio .Net 2003, the COM object can be found in Office 2003 and Office XP, two widely used desktop productivity software programs.

      Microsoft plans to release a security bulletin with patches for the flaw–either through the monthly update process or with an out-of-cycle release.

      Microsofts pre-patch workarounds can be found in this security advisory.

      /zimages/6/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Ryan Naraine
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×