Dr.Melzer

Alert - Microsoft Security Advisory (917077) Released

Just arrived:

This email is to notify you that on March 23rd, 2006 Microsoft released Security Advisory (917077) - Vulnerability in the way HTML Objects Handle Unexpected Method Calls Could Allow Remote Code Execution.

 

Purpose of Advisory 917077:

 

Advisory 917077 discusses public reports of a vulnerability in Internet Explorer. The advisory provides an overview of the issue, details on affected components, workarounds, suggested actions, frequently asked questions (FAQ) and links to additional resources.

 

Overview of the issue:

 

When Internet Explorer displays a Web page that contains certain unexpected method calls to HTML objects, system memory may be corrupted in such a way that an attacker could execute arbitrary code. A Web page specially crafted to attempt to exploit this vulnerability will cause Internet Explorer to fail and as a result of this system memory may be corrupted in such a way that an attacker could execute arbitrary code.

 

Status of the exploit:

 

Microsoft has seen examples of proof of concept code but we are not aware of attacks that try to use the reported vulnerability at this time.

 

Mitigating factors:

 

· In a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to exploit this vulnerability. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems.

 

· In an e-mail based attack of this exploit, customers who use Outlook, Outlook Express, or another e-mail reader that does not allow script in e-mail messages would have to click a link that takes them to a malicious Web site or open an attachment that could exploit the vulnerability.

 

· An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

 

Workarounds:

 

Microsoft has tested the following workarounds. While these workarounds will not correct the underlying vulnerability, they help block known attack vectors. Note that these workarounds may impact functionality. Specific steps for each workaround and possible impacts such as reduced functionality are detailed in Security Advisory (917077).

 

1. Configure Internet Explorer to prompt before running Active Scripting or disable Active Scripting in the Internet and Local intranet security zone.

 

2. Set Internet and Local intranet security zone settings to "High" to prompt before running ActiveX Controls and Active Scripting in these zones.

 

Q: Is there an update that addresses this issue?

 

A: Not at this time. Upon completion of the ongoing investigation, Microsoft will take the appropriate action to help protect our customers. This will include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.

 

Recommendations:

 

* Review the Security Advisory (917077) for an overview of the issue, details on affected components, workarounds, suggested actions, frequently asked questions (FAQ) and links to additional resources.

 

http://www.microsoft.com/technet/security/advisory/917077.mspx

 

If you have any questions regarding this alert please contact your Technical Account Manager or Application Development Consultant.

 

Thank you,

Microsoft PSS Security Team
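
Workaround 1 above can be checked from the registry. The following read-only PowerShell audit is an added example, not part of the advisory or of the original post. It assumes the standard Internet Explorer zone layout (zone 1 = Local intranet, zone 3 = Internet, URL action 1400 = Active Scripting, with 0 = enable, 1 = prompt, 3 = disable), and the order in which it checks keys is a simplification chosen for this example.

```powershell
# Added example: audit Active Scripting (URL action 1400) in the two zones
# named by the workaround. Read-only; it changes nothing.
$Action  = '1400'                                   # Active Scripting
$Meaning = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }
$Zones   = @(
    @{ Id = 1; Name = 'Local intranet' },
    @{ Id = 3; Name = 'Internet' }
)

# Assumption of this example: policy keys are checked before per-user settings.
$Suffix = 'Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$Roots  = @(
    "HKLM:\SOFTWARE\Policies\$Suffix",
    "HKCU:\Software\Policies\$Suffix",
    "HKCU:\Software\$Suffix"
)

function Get-ActiveScriptingSetting {
    param([int]$ZoneId)
    foreach ($root in $Roots) {
        $key  = Join-Path $root $ZoneId
        $item = Get-ItemProperty -Path $key -Name $Action -ErrorAction SilentlyContinue
        if ($null -ne $item) {
            return [pscustomobject]@{ Key = $key; Value = [int]$item.$Action }
        }
    }
    return $null    # value absent from every key checked
}

foreach ($zone in $Zones) {
    $found = Get-ActiveScriptingSetting -ZoneId $zone.Id
    if ($null -eq $found) {
        # Not confirmed: the effective value comes from a location not checked here.
        $setting = 'not set in the keys checked'; $ok = $false; $key = ''
    } else {
        $setting = if ($Meaning.ContainsKey($found.Value)) { $Meaning[$found.Value] }
                   else { "unknown ($($found.Value))" }
        $ok  = $found.Value -in 1, 3    # prompt or disable satisfies workaround 1
        $key = $found.Key
    }
    [pscustomobject]@{
        Zone = $zone.Name; ActiveScripting = $setting
        WorkaroundApplied = $ok; ReadFrom = $key
    }
}
```

Run it in the context of the user whose browser settings are being checked, since two of the three keys are per-user.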
