Microsoft rolls two new critical IE fixes in catch-all patch

Michael S. Mimoso, Editorial Director

The beat goes on for Microsoft.

Less than two weeks after the outbreak of the Slammer worm, which exploited vulnerable SQL Servers, and two days after announcing it was pulling back a faulty Windows NT 4.0 patch, Microsoft on Thursday warned Internet Explorer users of two new critical vulnerabilities.

The new fixes were rolled into a cumulative patch for IE that includes all previous patches for IE 5.01, 5.5 and 6.0.

One of the new vulnerabilities involves the Web browser's cross-domain security model. Microsoft's alert said this feature keeps windows of different domains from sharing information. The vulnerabilities bypass those checks and could allow an attacker hosting a malicious Web site to access information from a local machine. Microsoft said that, in a worst-case scenario, attackers could load malicious code onto a compromised system or invoke an executable already present on the local machine.

A user would have to be tricked into visiting a malicious Web site, hosted by an attacker, where the exploit was contained. Once on the site, the attacker could, for example, manipulate a dialog box and access information on the local domain from the Internet domain, Microsoft said. IE 5.01 users are not impacted by this vulnerability.

The other vulnerability is found in IE's showHelp feature, used by IE to display an HTML page containing help advice. The flaw could allow showHelp to execute without doing proper security checks and could allow an attacker to access sensitive user information, launch executables already present and load malicious code.

Again, a user would have to visit a malicious Web site hosted by the attacker, where the attacker would open a showHelp window to a local file and gain access to the information stored there by sending a special URL to a second showHelp window, Microsoft said.

Microsoft cautioned that the new IE patch will shut down the window.showHelp function. Administrators will have to install the HTML help update released through Windows Update to get it patched and working again.

Microsoft this week also released an alert to Windows XP users warning of an unchecked buffer in the Windows Redirector, a feature used by a Windows client to access local and remote files regardless of the network protocols present. Microsoft rated this vulnerability "important."

The unchecked buffer receives parameter information. Should an attacker send it malformed data, he could shut down a system or run code. However, an attacker would have to physically log in to the system to run programs that use the redirector function. This flaw cannot be exploited remotely. Also, XP systems that are not shared between users are not affected.


FOR MORE INFORMATION:

Microsoft security bulletin including cumulative IE patch

Microsoft security bulletin including patch for unchecked buffer in Windows Redirector

SearchSecurity.com Featured Topic: Virus Alert -- SQL Slammer update

Best Web Links on securing your Microsoft products
