All the latest UK technology news, reviews and analysis
|
|
|
05 Nov 2004
Security watchdog the US Computer Emergency Readiness Team (US-Cert) has warned Internet Explorer (IE) users to update patches after it discovered a buffer overflow vulnerability that gives hackers local admin rights to execute arbitrary code on compromised PCs.
The so-called heap buffer overflow vulnerability centres on the way IE handles the SRC and Name attributes of Frame and Iframe elements.
US-Cert warned that publicly available exploit code could use JavaScript to prepare heap memory with blocks that consist of Nop slides and shell code.
"After mishandling overly long SRC and Name attributes, IE de-references a memory address that may fall within one of the prepared heap blocks, running through the Nop slide and executing the attacker's shell code," the security watchdog said.
"Without the ability to prepare the heap blocks, this attack become significantly more difficult."
Other programs that use the WebBrowser ActiveX control (e.g., Outlook, Outlook Express, AOL, Lotus Notes) could be affected by this vulnerability, the security watchdog warned.
Hackers exploiting the bug need to convince a user to view a specially crafted HTML document, such as a web page or an HTML email message, after which the attacker could execute arbitrary code with the privileges of the user.
The attacker could also cause IE (or the program using the WebBrowser control) to crash.
US-Cert said that, while there is no complete solution to this problem, users should begin by installing Windows XP Service Pack 2 which the organisation said "does not appear to be affected by this vulnerability".
Users are advised to disable Active scripting to make it more difficult for attackers to prepare the heap to execute arbitrary code.
"At a minimum, disable Active scripting in the internet zone and the zone used by Outlook, Outlook Express, or any other software that uses the WebBrowser ActiveX control," US-Cert advised.
The security group also advised IE users to follow basic common sense security procedures such as not clicking on unsolicited URLs received in email, instant messages, web forums or internet relay chat channels.
Email client software should be configured to render email messages in plain text rather than HTML, and antivirus software should be kept up to date.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Technical Author - Enfield, North London - £30,000...
.NET Developer (ASP.NET, C#, VB.NET, SSIS, SSRS, C#.NET...
.NET Developer (ASP.NET, VB.NET, C#, VB, C#.NET, dot...
ASP.NET, C# Developer (.NET, C#.NET, dot NET, Web Application...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?