GoFuckYourself.com - Adult Webmaster Forum


goBigtime 06-09-2004 09:14 AM

HEADS UP - New major IE exploit.
 
http://www.computerworld.com.au/inde...16298&eid=-255



Internet Explorer carved up by zero-day hole

Kieren McCarthy, Techworld.com

09/06/2004 08:28:25

Two new vulnerabilities have been discovered in Internet Explorer which allow a complete bypass of security and provide system access to a computer, including the installation of files on someone's hard disk without their knowledge, through a single click.

Worse, the holes have been discovered from analysis of an existing link on the Internet and a fully functional demonstration of the exploit has been produced and shown to affect even fully patched versions of Explorer.

It has been rated "extremely critical" by security company Secunia, and the only advice is to disable Active Scripting support for all but trusted websites.

The discovery stems from Dutch researcher Jelmer who was sent an Internet link which he was warned used unknown Explorer vulnerabilities to install adware on his computer. He found it did and embarked on a detailed analysis of the link, which demonstrates an extremely sophisticated use of encrypted code to bypass the Web browser's security.

In simple terms, the link uses an unknown vulnerability to open up a local Explorer help file -- ms-its:C:\WINDOWS\Help\iexplore.chm::/iegetsrt.htm. It delays executing anything immediately but instead uses another unknown vulnerability to run another file which in turn runs some script. This script is then used to run more script. And finally that script is used to run an exploit that Microsoft Corp. has been aware of since August 2003 but hasn't patched.

That exploit -- Adodb.stream -- has not been viewed as particularly dangerous, since it only works when the file containing the code is present on the user's hard disk. The problem comes in the fact that the Help file initially opened is assumed to be safe since it is a local file and so has minimal security restrictions.

By using the unknown exploits, code is installed within the help file window, all security efforts are bypassed, and the Adodb.stream exploit is then used to download files on the Internet direct to the hard disk.

What this means in reality is that if you click on a malicious link in an email or on the Internet, a malicious user can very quickly have complete control of your PC. And there is no patch available. You can see it happen by clicking here.

With the code already available on the Net, this is effectively a security nightmare ... unless you're a Mozilla or Opera user that is.
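
The chain the article describes leaves two recognisable strings in remote page content: an ms-its: URL that opens a .chm on a local drive, and a reference to ADODB.Stream. The following Python content check for a proxy or mail gateway is an added example, not part of the original post or the article; the function names are hypothetical and the sample inputs are constructed.

```python
import html
import re
from urllib.parse import unquote

# Indicators named in the article: the ms-its: handler opening a .chm on a
# local drive, and the ADODB.Stream object used to write files to disk.
LOCAL_CHM = re.compile(r"""ms-its\s*:\s*[a-z]:[\\/]+[^"'<>\s]*?\.chm\s*::""", re.I)
ADODB_STREAM = re.compile(r"adodb\.stream", re.I)

# Simple obfuscation layers: JS \xNN / \uNNNN escapes and "a" + "b" joins.
JS_ESCAPE = re.compile(r"\\x([0-9a-f]{2})|\\u([0-9a-f]{4})", re.I)
STRING_JOIN = re.compile(r"""["']\s*\+\s*["']""")


def normalize(text, max_rounds=4):
    """Peel HTML entities, percent-encoding, JS escapes and string joins."""
    for _ in range(max_rounds):
        before = text
        text = unquote(html.unescape(text))
        text = JS_ESCAPE.sub(lambda m: chr(int(m.group(1) or m.group(2), 16)), text)
        text = STRING_JOIN.sub("", text)
        if text == before:
            break
    return text


def scan(page):
    """Return (indicator, matched_text) pairs found in remote page content."""
    text = normalize(page)
    findings = []
    for name, pattern in (("local-chm-via-ms-its", LOCAL_CHM),
                          ("adodb-stream", ADODB_STREAM)):
        match = pattern.search(text)
        if match:
            findings.append((name, match.group(0)))
    return findings


def verdict(page):
    """'high' when both stages of the chain appear, 'review' for one."""
    count = len(scan(page))
    return "high" if count == 2 else "review" if count == 1 else "clean"


# Constructed sample inputs (inert fragments, not captured traffic).
SAMPLE_PLAIN = r'<a href="ms-its:C:\WINDOWS\Help\iexplore.chm::/iegetsrt.htm">help</a>'
SAMPLE_ENCODED = ('u = unescape("ms%2Dits%3AC%3A%5CWINDOWS%5CHelp%5Ciexplore.chm'
                  '%3A%3A/iegetsrt.htm"); n = "ADODB" + ".Str\\x65am";')
SAMPLE_BENIGN = '<a href="https://example.com/manual.chm">manual</a>'

if __name__ == "__main__":
    for label, sample in (("plain", SAMPLE_PLAIN), ("encoded", SAMPLE_ENCODED),
                          ("benign", SAMPLE_BENIGN)):
        print(label, verdict(sample), scan(sample))
```

The check covers only the handler and object the article names and only the simple encoding layers listed in the comments; heavier script obfuscation needs a real script emulator.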

loverboy 06-09-2004 09:16 AM

nothing beats Netscape :thumbsup

IE sucks

AMADude 06-09-2004 09:17 AM

Fuck IE.
I use Mozilla.

AvanteGuard 06-09-2004 09:18 AM

Quote:

Originally posted by loverboy
nothing beats Netscape :thumbsup

IE sucks

Except FireFox

Juicy D. Links 06-09-2004 09:19 AM

Quote:

With the code already available on the Net, this is effectively a security nightmare ... unless you're a Mozilla or Opera user that is

great :(

Veterans Day 06-09-2004 09:21 AM

auto windows update, really simple.......NEXT

Dirty F 06-09-2004 09:22 AM

There's a new exploit like this every month...use IE and you are never safe.

M_M 06-09-2004 09:26 AM

Microsoft supports spyware

I don't see other logical explanation to them not fixing known security holes for months

Jace 06-09-2004 09:29 AM

windows update...why the fuck do people have a problem with updating? every time there is a new update, a little icon appears in my task tray and I get the update...how hard is that?

TheSwed 06-09-2004 09:31 AM

Quote:

Originally posted by Veterans Day
auto windows update, really simple.......NEXT

skillfull 06-09-2004 09:40 AM

use firefox or opera
still using IE is just being an idiot

Veterans Day 06-09-2004 09:42 AM

Quote:

Originally posted by skillfull
use firefox or opera
still using IE is just being an idiot

I know IE consumes 99% of my traffic :1orglaugh

strobi 06-09-2004 09:43 AM

exploiters are making tons of money again! hurray!!

AnalProbe 06-09-2004 09:46 AM

IE 3.0 works fine for me. :Graucho

Helix 06-09-2004 09:59 AM

Quote:

Originally posted by Veterans Day
auto windows update, really simple.......NEXT

And finally that script is used to run an exploit that Microsoft Corp. has been aware of since August 2003 but hasn't patched.

so much for update

goBigtime 06-09-2004 10:02 AM

Quote:

Originally posted by Veterans Day
auto windows update, really simple.......NEXT



Quote:

Originally posted by goBigtime
http://www.computerworld.com.au/inde...16298&eid=-255



"......And finally that script is used to run an exploit that Microsoft Corp. has been aware of since August 2003 but hasn't patched."
^ (regarding MSFT's timeliness on patching vulnerabilities)

"... And there is no patch available."
^ (regarding this NEW exploit)

With the (malicious) code already available on the Net, this is effectively a security nightmare

... unless you're a Mozilla or Opera user that is.

Wtf are you NEXT'ing about? Can't you read?

Sambo 06-09-2004 10:03 AM

Went to firefox a couple of weeks ago......

Will never use IE again!!

goBigtime 06-09-2004 10:06 AM

Quote:

Originally posted by Sambo
Went to firefox a couple of weeks ago......

Will never use IE again!!


Be sure to get the googlebar at http://googlebar.mozdev.org & tweak it how you like it.

The mozilla googlebar has a ton of cool one-click goodies on it like image searching, google groups, google news, dictionary & thesaurus lookups, page translation, backlinks etc.

You have to play with it a little to get it setup nice though.

I have 3 toolbar strips total on mine...

http://www.jpgsworld.com/gfy/mozilla-is-cool.gif



Notice the instant useragent switcher .... so you can make yourself look like a search engine spider & look at people's pages how they want them to appear for the SE's :graucho

Sambo 06-09-2004 10:08 AM

Quote:

Originally posted by goBigtime
Be sure to get the googlebar at http://googlebar.mozdev.org & tweak it how you like it.

The mozilla googlebar has a ton of cool one-click goodies on it like image searching, google groups, google news, dictionary & thesaurus lookups, page translation, backlinks etc.

Thanks.... I was looking for one of those!!

goBigtime 06-09-2004 10:12 AM

Quote:

Originally posted by goBigtime

Notice the instant useragent switcher .... so you can make yourself look like a search engine spider & look at people's pages how they want them to appear for the SE's :graucho



I don't use that UA switcher all the time though... I can't stand more than 3 toolbars and I use that precious little space for my quick site links / bookmarks.

To get it down to 3 functional strips like that I moved all the bookmarks to that toolbar and then disabled the bookmark toolbar. (in... view | toolbars )




Btw... middle-click on any link to open a new tab! :thumbsup
(and middle click on the tab to close it)

Sambo 06-09-2004 10:22 AM

Quote:

Originally posted by goBigtime

Btw... middle-click on any link to open a new tab! :thumbsup
(and middle click on the tab to close it)

Great tip.....

Thanks again!!

submitter 06-09-2004 10:32 AM

Quote:

Originally posted by JaceXXX
windows update...why the fuck do people have a problem with updating? every time there is a new update, a little icon appears in my task tray and I get the update...how hard is that?

how many of you have bought windows?
i, no.

jwerd 06-09-2004 10:36 AM

I am so happy I switched my mail client and browser to Firebird and Firefox :) So much better. :thumbsup

nofx 06-09-2004 10:37 AM

and this is why i love and use Opera, www.opera.com :thumbsup

HarryHo 06-09-2004 10:39 AM

jESUS CHRIST all the idiots respond again

HELLO MORONS .

NETSCAPE HAS NO SECURITY
FIRECHEESE/OPERA HAS NO SECURITY and isn't even functional

I will tell you the difference between your cheesy fucked up browsers and i.e.

Internet explorer runs updates regularly to patch holes.

This hole isn't new, i have been using it for months.

Firefox and netscape are the swiss cheese of the browser industry.

I.e. is the whipping post for the browser industry.

Anyone who is a webmaster and tells you they don't use i.e. is full of shit or very very poor. They may not use it very often, but if they don't use it they don't know what everyone else is seeing..

Surprise Surprise nobody likes i.e., but it's better than your browser :)

BTW the same holes exist as the holes explained in the article in both opera and netscape, they just don't report them because they don't plan on patching them.

Theo 06-09-2004 10:39 AM

someone send this thread to Hooper :1orglaugh

HarryHo 06-09-2004 10:42 AM

btw if anyone wants to see a sample of this security hole i would be glad to show you how it works..

DamageX 06-09-2004 10:46 AM

Quote:

Originally posted by Veterans Day
auto windows update, really simple.......NEXT

Don't tell me that you're so stupid that after reading that text you still think windows update will fix that hole?

Sambo 06-09-2004 10:46 AM

Quote:

Originally posted by HarryHo
jESUS CHRIST all the idiots respond again

HELLO MORONS .

NETSCAPE HAS NO SECURITY
FIRECHEESE/OPERA HAS NO SECURITY and isn't even functional

I will tell you the difference between your cheesy fucked up browsers and i.e.

Internet explorer runs updates regularly to patch holes.

This hole isn't new, i have been using it for months.

Firefox and netscape are the swiss cheese of the browser industry.

I.e. is the whipping post for the browser industry.

Anyone who is a webmaster and tells you they don't use i.e. is full of shit or very very poor. They may not use it very often, but if they don't use it they don't know what everyone else is seeing..

Surprise Surprise nobody likes i.e., but it's better than your browser :)

BTW the same holes exist as the holes explained in the article in both opera and netscape, they just don't report them because they don't plan on patching them.

I updated IE every day.... if an update was available

Every day IE was rendered useless by some crap spyware etc.....

I have been using FireFox for 2 weeks without a single problem

A simple fact

If I am building sites I always view them in IE..... but so far I have never seen a difference between IE and FireFox rendering of my pages.... again a simple fact

DamageX 06-09-2004 10:48 AM

Quote:

Originally posted by Sambo
I updated IE every day.... if an update was available

Every day IE was rendered useless by some crap spyware etc.....

I have been using FireFox for 2 weeks without a single problem

A simple fact

Why do you think that is, Einstein? Nobody bothers creating exploits for Mozilla and Opera, because they have so small market shares. It's not like everybody's out to fuck it up for MS. It's all business. Moron.

AlienQ - BANNED FOR LIFE 06-09-2004 10:49 AM

Quote:

Originally posted by Soul_Rebel
someone send this thread to Hooper :1orglaugh

Fuck that, delete the thread already just in case.

Sambo 06-09-2004 10:52 AM

Quote:

Originally posted by DamageX
Why do you think that is, Einstein? Nobody bothers creating exploits for Mozilla and Opera, because they have so small market shares. It's not like everybody's out to fuck it up for MS. It's all business. Moron.

I know the reason for it......

But it doesn't change the fact that I don't have problems!!!!

And that's the important thing..... moron

jimmyf 06-09-2004 11:00 AM

Quote:

Originally posted by Sambo
Thanks.... I was looking for one of those!!

I was also

thanks :thumbsup

jimmyf 06-09-2004 11:01 AM

Quote:

Originally posted by submitter
how many of you have bought windows?
i, no.

go buy it then.

goBigtime 06-09-2004 11:02 AM

Quote:

Originally posted by HarryHo

NETSCAPE HAS NO SECURITY
FIRECHEESE/OPERA HAS NO SECURITY and isn't even functional

Actually, FireFox & Mozilla are open-source community based projects contributed to by people all over the world. If a vulnerability is discovered, they get fixed pronto.


Quote:

Originally posted by HarryHo
BTW the same holes exist as the holes explained in the article in both opera and netscape, they just don't report them because they don't plan on patching them.

Note that he's not talking about open source Mozilla / FireFox.

Otherwise it would be even more clear that he doesn't understand how open source communities work. "They just don't report them..." there are no big bug-suppression conspiracies like that in open source. It sort of defeats the purpose.


Anyway you can test various browsers here and see how they compare http://bcheck.scanit.be/bcheck

Manowar 06-09-2004 11:02 AM

Firefox, it's what's for breakfast

HarryHo 06-09-2004 11:02 AM

Quote:

Originally posted by Sambo
I know the reason for it......

But it doesn't change the fact that I don't have problems!!!!

And that's the important thing..... moron

Guess what the farmer said when the cow died...?

" gee that's the first time she has ever done that "

jimmyf 06-09-2004 11:05 AM

Quote:

Originally posted by Sambo
I know the reason for it......

But it doesn't change the fact that I don't have problems!!!!

And that's the important thing..... moron

this is correct. :thumbsup

DamageX 06-09-2004 11:06 AM

Quote:

Originally posted by HarryHo
Guess what the farmer said when the cow died...?

" gee that's the first time she has ever done that "

:thumbsup

jimmyf 06-09-2004 11:07 AM

Quote:

Originally posted by goBigtime
Actually, FireFox & Mozilla are open-source community based projects contributed to by people all over the world. If a vulnerability is discovered, they get fixed pronto.




Note that he's not talking about open source Mozilla / FireFox.

Otherwise it would be even more clear that he doesn't understand how open source communities work. "They just don't report them..." there are no big bug-suppression conspiracies like that in open source. It sort of defeats the purpose.


Anyway you can test various browsers here and see how they compare http://bcheck.scanit.be/bcheck

And i might add.

this is correct.

Sambo 06-09-2004 11:07 AM

Quote:

Originally posted by HarryHo
Guess what the farmer said when the cow died...?

" gee that's the first time she has ever done that "

Well the cow is fit and well at the moment.....

Which is better than I can say for that lame duck I was using

goBigtime 06-09-2004 11:09 AM

Not that I rely on online browser based security tests to tell me if I'm "secure" or not,

...but for shits & giggles, here are my results from:

http://bcheck.scanit.be/bcheck


Browser Security Test Results

Dear Customer,

The Browser Security Test is finished. Please find the results below:
High Risk Vulnerabilities 0
Medium Risk Vulnerabilities 0
Low Risk Vulnerabilities 0


FireFox here.

jimmyf 06-09-2004 11:12 AM

Quote:

Originally posted by HarryHo
Guess what the farmer said when the cow died...?

" gee that's the first time she has ever done that "

guess what?

you be hard headed, keep on using IE.
more power 2 you. :1orglaugh

because I don't think it smart, but that's just me.

I never have and never will use Outlook, used and still check my pages with IE.

goBigtime 06-09-2004 12:46 PM

bump :warning

winter 06-09-2004 01:02 PM

I.E. 6.0, Googlebar, and norton internet security. SUCK IT OPERA/NUTSCRAPE BITCHES



The Browser Security Test is finished. Please find the results below:

High Risk Vulnerabilities 0
Medium Risk Vulnerabilities 0
Low Risk Vulnerabilities 0

Holly 06-09-2004 01:17 PM

Quote:

Originally posted by winter
I.E. 6.0, Googlebar, and norton internet security. SUCK IT OPERA/NUTSCRAPE BITCHES



The Browser Security Test is finished. Please find the results below:

High Risk Vulnerabilities 0
Medium Risk Vulnerabilities 0
Low Risk Vulnerabilities 0

FWIW, I run IE 6, Norton, and Zonealarm, and I got the same results. I wonder if anyone with IE has had vulnerabilities to show up. And if so, does it actually tell you what to do to fix them or give you links to the patches? Or is it a "pay us/buy our software and we'll tell you the fix" deal?

My wmp opened, I got a download box, and a bunch of other crap, so I was surprised I passed.

AdultNex 06-09-2004 01:21 PM

Quote:

Originally posted by goBigtime
Be sure to get the googlebar at http://googlebar.mozdev.org & tweak it how you like it.

The mozilla googlebar has a ton of cool one-click goodies on it like image searching, google groups, google news, dictionary & thesaurus lookups, page translation, backlinks etc.

You have to play with it a little to get it setup nice though.

I have 3 toolbar strips total on mine...

http://www.jpgsworld.com/gfy/mozilla-is-cool.gif



Notice the instant useragent switcher .... so you can make yourself look like a search engine spider & look at people's pages how they want them to appear for the SE's :graucho

That won't work for some cloaked pages.

Just changing the useragent will do nothing.

cluck 06-09-2004 01:22 PM

It's not new. Sorry.

Elli 06-09-2004 01:29 PM

Just for fun I turned off ZoneAlarm and ran only mozilla 1.6. And this is what I got:

The Browser Security Test is finished. Please find the results below:
High Risk Vulnerabilities 0
Medium Risk Vulnerabilities 0
Low Risk Vulnerabilities 0

Diligent 06-09-2004 03:34 PM

With Firefox, the only crap I may have to put up with is JS window-resizing.. :2 cents:

HarryHo seems quite familiar with the mentioned exploit... Makes You wonder
if he isn't making coin on it :BangBang:

Also.. he seems to be enough of a moron to believe he can convert us non-IE's
back from the safer gear.. :1orglaugh :1orglaugh :1orglaugh


All times are GMT -7.