IE 'object' tag flaw found

Bill Brenner

Two weeks after Microsoft patched a series of flaws in Internet Explorer, a new vulnerability has surfaced that could allow attackers to launch malicious code and corrupt system memory.

The latest security hole was discovered by researcher Michal Zalewski, whose analysis was posted on the Full-Disclosure electronic mailing list hosted and sponsored by Danish vulnerability clearinghouse Secunia.

"There appears to be a vulnerability in how Microsoft Internet Explorer handles (or fails to handle) certain combinations of nested 'object' tags," Zalewski wrote. "At first sight, this vulnerability may offer a remote compromise vector, although not necessarily a reliable one. The error is convoluted and difficult to debug in absence of sources."

As such, he said, "I cannot offer a definitive attack scenario, nor rule out that my initial diagnosis will be [proven] wrong. As such, panic, but only slightly."

In its own advisory, Secunia rated the flaw "highly critical," saying it is caused by an error in how certain sequences of nested "object" HTML tags are processed. "This can be exploited to corrupt memory by tricking a user into visiting a malicious Web site," Secunia said. "Successful exploitation allows execution of arbitrary code."

Secunia said the vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2. The firm recommended Web surfers stay away from untrusted sites to reduce the threat.

Microsoft is investigating the flaw, according to media reports. The software giant last addressed security holes in the browser April 11, when it released a cumulative fix for vulnerabilities that included the createTextRange flaw.

That flaw became the target of hundreds of attacks in late March and early April.

