Microsoft confirms new IE flaw

By Bill Brenner, Senior News Writer 21 Feb 2007 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

The problem, discovered by vulnerability researcher Rajesh Sethumadhavan, is that the browser mishandles certain html tags. The flaw, he wrote in his analysis, "could be exploited by a malicious remote user to obtain sensitive local files from the victim's computer."

Internet Explorer: Firefox antiphishing feature beats Internet Explorer in Mozilla test Web Browser Security Learning Guide What if Firefox were the target? Security Blog Log: Dissecting Firefox 2.0

Sethumadhavan said the flaw exists in IE 6, and security firms such as Cupertino, Calif.-based Symantec Corp. and Redwood Shores, Calif.-based Qualys Inc. have independently confirmed it.

Specifically, the problem occurs when Internet Explorer handles the following html tags:

• img
• script
• embed
• object
• param
• style
• bgsound
• body
• input

If these tags are preceded by the file protocol specification, a remote attacker can access arbitrary local files on a victim's system.

Late Tuesday, a Microsoft spokeswoman confirmed that the software giant is also aware of the problem.

"Microsoft has completed its investigation of new public reports of a possible vulnerability in Internet Explorer [and] has confirmed that this behavior could allow for information disclosure when a user visits a Web site," she said in an email exchange.

However, she added, "An attacker could not receive files from an affected system, but would only be able to detect the presence of files. In addition, the attacker must know the location of the file in advance."

To mitigate the risk, Symantec recommended users run all software and the Web client as a non-privileged user with minimal access rights and avoid links provided by unknown or untrusted sources. Users should also refrain from visiting sites of questionable integrity, Symantec said.

Tags: Web Browser Security,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Web Browser Security Microsoft fixes security update that breaks Internet Explorer Mozilla update repairs Firefox buffer overflow vulnerabilities Kaspersky system analyzes malicious URLs on Twitter for malware Silon malware intercepts Internet Explorer sessions, steals credentials Do Facebook URL security concerns justify blocking social networks? Phishing attacks to remain a major problem, say security experts Adrian Perrig: Improve SSL/TLS Security Through Education and Technology New Bahama botnet evades search engines, fuels click fraud SANS: Application threats, website flaws pose biggest security threats Mozilla helps Adobe push out faster patches Web Browser Security Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary browser hijacker  (SearchSecurity.com) cache cramming  (SearchSecurity.com) cache poisoning  (SearchSecurity.com) honey monkey  (SearchSecurity.com) JavaScript hijacking  (SearchSecurity.com) NCSA  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary