
Red-Board: Archive

New security flaw in the IE browser under XPsp2.

10/01/2005 18:36:59 cp77fk4r
Taken from NewsFactor.
(http://www.newsfactor.com/story.xhtml?story_title=-Extremely-Critical--IE-Flaw-Found&story_id=29577):

Code:
Security experts are warning of a new and highly critical security flaw in Microsoft Internet Explorer, when running under Windows XP SP2.
Simply visiting a malicious Web site could leave a user’s computer vulnerable to malicious code.

The basic flaw has been known about for two months, but security experts originally thought it would be difficult to exploit. However, after further study, security firm Secunia now says the bug represents a greater danger than previously believed.

Secunia now rates the vulnerability as "extremely critical."

Three Problems:
In an alert posted on its Web site, Secunia lists three problems in IE that, in combination, create the vulnerability:

"Insufficient validation of drag and drop events from the Internet zone to local resources for valid images or media files with embedded HTML code;

"A security site/zone restriction error, where an embedded HTML Help control on e.g. a malicious web site references a specially crafted index (.hhk) file, can execute local HTML documents or inject arbitrary script code in context of a previous loaded document using a malicious javascript URI handler;

"A security site/zone restriction error in the handling of the Related Topics command in an embedded HTML Help control can be exploited by e.g. a malicious website to execute arbitrary script code in the context of arbitrary sites or zones."

The exploit bypasses a key SP2 security feature, Zone Lock Down, which is designed to prevent an attacker from remotely executing script on a local system.

Safety Measures:
The vulnerability was identified initially by security group Greyhats, which warned of the bug late last month.

Microsoft is recommending that users turn off the "Drag and drop or copy and paste files" option in Internet Explorer and set security levels to high for the Internet zone.

Security experts note that the problem does not affect other browsers.

Secunia has constructed a test, available on the firm’s Web site, that users can run to determine whether their systems are affected by this issue.




Note that this security flaw was assembled from three security flaws that already existed!
[Message edited by cp77fk4r on 10/01/2005 18:38:08]
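
A check for the two settings Microsoft recommends in the quoted article, as an added example that is not part of the original post or of the article. It assumes the usual Internet Explorer zone registry layout (zone 3 is the Internet zone, URL action 1802 is "Drag and drop or copy and paste files" with 3 meaning disabled, and CurrentLevel 0x12000 is the High template); the function names are hypothetical.

```powershell
# Added example: audit the two Internet-zone mitigations quoted in the article.
# Assumed registry layout (not stated on the page): zone 3 = Internet zone,
# URL action 1802 = "Drag and drop or copy and paste files"
# (0 = enable, 1 = prompt, 3 = disable), CurrentLevel 0x12000 = High.
$ZoneSubKey = 'Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# Lookup order is an assumption that approximates how IE resolves zone settings:
# machine policy, user policy, then user and machine preferences.
$Roots = 'HKLM:\SOFTWARE\Policies', 'HKCU:\Software\Policies',
         'HKCU:\Software', 'HKLM:\SOFTWARE'

function Get-InternetZoneValue {   # hypothetical helper name
    param([Parameter(Mandatory)][string]$Name)
    foreach ($root in $Roots) {
        $path = Join-Path $root $ZoneSubKey
        $item = Get-ItemProperty -Path $path -Name $Name -ErrorAction SilentlyContinue
        if ($null -ne $item) {
            # First key that defines the value wins
            return [pscustomobject]@{ Source = $path; Value = [int]$item.$Name }
        }
    }
    return $null   # value not set in any of the keys checked
}

function Test-InternetZoneMitigation {   # hypothetical helper name
    $dnd   = Get-InternetZoneValue -Name '1802'
    $level = Get-InternetZoneValue -Name 'CurrentLevel'
    [pscustomobject]@{
        DragDropSource   = $dnd.Source
        DragDropDisabled = ($null -ne $dnd)   -and ($dnd.Value -eq 3)
        LevelSource      = $level.Source
        LevelIsHigh      = ($null -ne $level) -and ($level.Value -eq 0x12000)
    }
}

$result = Test-InternetZoneMitigation
$result | Format-List
if (-not ($result.DragDropDisabled -and $result.LevelIsHigh)) {
    Write-Warning 'Internet zone does not match the recommended settings.'
}
```

The Source fields show which key supplied each value, which helps when a policy key overrides what the user set in the Internet Options dialog.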