|
| Top
Security News |
Secunia Spars With Microsoft Over IE7
Denmark-based Secunia has brought up a trio of Internet Explorer 7 issues since Microsoft formally launched its new browser, and both sides have traded pointed comments about its vulnerabilities...
Can IPS Alleviate the Botnet Problem?
The manual demands of analyzing a piece of malware and developing a signature to defend against it have been sped up dramatically with Sunbelt's latest product...
MySpace Zero Day Shows XSS Vulnerability
BT Group, the formerly-called British Telecom, has acquired the Counterpane Internet Security firm, which lists well-known cryptography and security expert Bruce Schneier as its CTO...
CWSandbox Automates Malware Analysis
The manual demands of analyzing a piece of malware and developing a signature to defend against it have been sped up dramatically with Sunbelt's latest product...
Schneier's Counterpane Sells To BT
BT Group, the formerly-called British Telecom, has acquired the Counterpane Internet Security firm, which lists well-known cryptography and security expert Bruce Schneier as its CTO...
n3td3v - Security Trolls
N3td3v is/was a security troll that plagued the full disclosure list for quite a while, claiming to be a yahoo security engineer, with his own mailing list at yahoo groups, yahoo personal page and a host of other places that you could find him...
|
|
|
|
Internet Explorer 7 has been available for a few days, but with millions of installations of IE6 in the world there are plenty of PCs that have not opted for the latest release from Microsoft.
News about the WScript.Shell problem popped up on the Handler's Diary operated by the SANS Institute.
When exploited, the flaw in IE6 could permit the execution of arbitrary code at the permission level of the user.
Winguides said "the WScript.Shell object provides functions to read system information and environment variables, work with the registry and manage shortcuts."
The initial advisory appeared on the Bugtraq mailing list. It included a description of the exploit, and proof of concept code demonstrating how it functions. Bugtraq does not list IE7 as being vulnerable to the problem.
Networking company Cisco also discussed the issue in more detail, and pegged it to a problem with WScript.Shell:
An unauthenticated, remote attacker can create malicious JavaScript that causes the object to execute code with the privileges of the user. This code could be placed on a malicious web page. The attacker would then need to convince the user to visit the malicious web page with a vulnerable version of Internet Explorer.
Even though the vulnerability has been discussed online since earlier in the week, Microsoft has not commented on it in their Security Response Center blog.
WScript.Shell has posed problems previously as part of other exploits, like one revealed in July 2006 that could have been attacked through WScript.Shell.
Microsoft has addressed another problem, this time with a vulnerability in Visual Studio.
A critical vulnerability in the program could permit remote code execution and system control by a malicious party.
Workarounds for the problematic ActiveX control, the WMI Object Broker, has been posted as part of Microsoft's security advisory on the issue.
Though the workarounds don't correct the problem, they
do block potential avenues of attack aimed at the uncorrected
vulnerability.
About
the Author:
David Utter is a business and technology writer for SecurityProNews, WebProNews, and InternetFinancialNews.
|
|
,
Inc. 2549 Richmond Rd. Lexington KY, 40509
