United States
Live worldwide spam monitor detects outbreaks as they occur. See what's swarming.
WatchGuard Technologies, Inc.
WatchGuard Technologies, Inc.
ProductsPartnersSupportAbout UsHow to BuySearchProfile
 
Products  

Security Articles

Video Tutorials

WatchGuard Feeds

WatchGuard Wire

Radio Free Security

White Papers

Case Studies

Network Security Glossary

WatchGuard Wire
Improve Your Security IQ

IE hammered with third unpatched vulnerability in a week

Just yesterday, I warned you of a critical unpatched vulnerability in Internet Explorer (IE) involving HTA files. Right after that warning comes yet another critical unpatched vulnerability in IE 6.0 and 7.0 Beta2.

This one involves the way IE handles a certain active scripting method (createTextRange). By enticing you to a maliciously crafted Web page, an attacker can exploit this flaw to either crash IE or to execute code on your computer with your privileges, potentially gaining complete control of your machine. Proof-of-Concept code has already appeared in the wild exploiting this vulnerability to crash IE. The ability to exploit this flaw for remote code execution doesn't exist in the wild yet (as far as we know)... but could follow any day now.

Three different sources independently reported this vulnerability today at around the same time. These sources include

  • Stelian Ene in two FullDisclosure posts ( 1 / 2).
  • Computer Terrorism (UK) :: Incident Response Centre with an alert.
  • Secunia with an advisory.

The Computer Terrorism (UK) :: Incident Response Centre claims to have informed Microsoft of this flaw. Microsoft hasn't had time to develop a patch for it yet, but will (we hope) release one soon. Until then you can disable active scripting in IE to avoid this attack. (If you've installed XP SP2, IE should already prompt you before running active scripting.)

March is turning out to be a bad month for IE users. Besides the two critical unpatched vulnerabilities I've warned you about today and yesterday, IE also suffers from another unpatched Denial of Service (DoS) vulnerability discovered by a well-known researcher named Michal Zalewski. This third flaw only allows attackers to crash IE, so it's not quite as threatening. However, with three unpatched vulnerabilities on the loose, you should strongly encourage your network's users to visit only trustworthy sites when browsing in IE. -- Corey Nachreiner

Copyright© 2010 WatchGuard® Technologies, Inc. You may copy and distribute this article freely in any medium as long as you copy and distribute the entire article without change and preserve this copyright statement and notice.