Últimos mensajes - Powered by IBM
- Orientación de página
- error al intentar unirse al dominio
- Botones de acceso rapido en un teclado
- PROBLEMAS PARA CONFIGURAR IMPRESORA
- Crear mensaje de inicio en bacth
- Problema con cartel "Suspender Apagar Reiniciar"
- Error al encender laptop Pantalla Azul
- sesion lenta entre xp y winServer2008
- mensaje antes de responder un correo por xchange ...
- problemas con Z:
Palabras claves
IE Exploit Lets Attackers Plant Programs on SP2
23/10/2004 - 01:15 por { Memmito } (PUERCO chupapoYas) comemela | Informe spam
By Larry Seltzer
October 20, 2004
Updated: New attack finds yet another leak in local resource security
that Windows XP Service Pack 2 and subsequent patches were supposed to
plug.
A security researcher has discovered a new exploit for Microsoft
Corp.'s Windows XP Service Pack 2 that allows programs to be planted
and executed on fully-patched systems.
ADVERTISEMENT
The researcher, known as http-equiv and operator of the malware.com
Web site, discovered a weakness in the local security zone of Internet
Explorer which, through the use of the HTML Help control, allows
security restrictions in the zone to be bypassed.
In combination with a separate vulnerability, in which drag-and-drop
operations permit executable content to be placed on the system, the
result of the attack is the delivery and execution of potentially
hostile code from an external Web site. The researcher provides a
proof of concept example on the site.
The drag-and-drop component of the example is surprising in light of
Microsoft's recent patching of a related vulnerability. Thor Larholm,
senior security researcher for PivX Solutions, said the Microsoft
patch, designated MS04-038, "does not patch the drag-and-drop problem
directly—instead it tries to prevent its use by limiting the types of
files that can be used in DYNSRC."
DYNSRC specifies the address of a media object used in a Web page. "As
http-equiv demonstrates in his original post, this restriction could
be circumvented," Larholm said.
The problem is relatively minor and can be patched by Microsoft
without too much bother, Larholm said. In the meantime, it can be
circumvented by disabling a particular shell object, Shell.Explorer,
by setting its "kill bit" in the registry. PivX Inc. is providing a
registry fix for doing this on their Web site.
In order to deliver and run the attack code the user must perform a
drag-and-drop operation. In a real-world attack, users would probably
be enticed with a media file such as an image or music, but the file
would contain the attack code, according to a description written by
Symantec Corp.
A Microsoft spokeswoman said the company is investigating reports of a
vulnerability affecting Windows XP Service Pack 2 and earlier versions
of Windows that could enable an attacker to place a malicious file on
a user's system.
"Microsoft is not aware of any customer impact at this time. However
we will continue to investigate the issue to determine the appropriate
course of action to protect our customers. This might include
providing a fix through our monthly patch release process or an
out-of-cycle update, depending on customer needs," she said.
Microsoft also advises customers who have applied the latest Internet
Explorer update, MS04-038, to set the "Drag and Drop or copy and paste
files" option in the Internet and Intranet zone to "Disable" or
"Prompt." Once this setting is changed, the spokeswoman said, the
attack described in the report will not succeed.
In addition, customers who have set their Internet Security zone
settings set to high will not impacted by this vulnerability.
Editor's Note: This story was updated to include additional
information from Microsoft.
PointerCheck out eWEEK.com's Security Center for the latest security
news, reviews and analysis. And for insights on security coverage
around the Web, take a look at eWEEK.com Security Center Editor Larry
Seltzer's Weblog.
horizontal rule
Be sure to add our eWEEK.com Security news feed to your RSS newsreader
or My Yahoo page
Email Order Reprints of this Article.
TALKBACK
Sign In To Talkback! | Register
Fill-in form below to apply.
First Name:
Last Name:
Title:
Company:
Address:
City:
State:
Zip Code:
E-mail:
Cover: October 27 Filter
Renew today
Try digital eWEEK!
Subscription Help
Ziff Davis Partner Sites
# Visual Studio & .Net Dev Center
# Grid Computing
Ziff Davis Featured Sites
# IT Reseller News & Resources
# eWEEK.com Storage Topic Center
FREE ZIFF DAVIS MEDIA ESEMINARS AT ESEMINARSLIVE.COM
# 10/25 - The Road to 64-Bit computing: Bridging the Gap to Itanium
with Aaron Goldberg. Sponsored by PC Connection, Inc. & HP
# 10/26 - How To Catch a Phish: Keep Online Phishing and Fraud Out of
Your Company with Frank Derfler. Sponsored by MailFrontier
# 10/27 - Leverage Both Legislation and Technology to Combat
Fraudulent Spam and Phishing Attacks with Aaron Goldberg. Sponsored by
CipherTrust, Inc.
# 10/27 - The Desktop Access Advantage: Leveraging the Benefits of a
Managed Service with Frank Derfler. Sponsored by Citrix Online.
Nov. 30 - Dec. 1, 2004
Ziff Davis Media eSeminar's Security Virtual Tradeshow will bring
together top security experts for a two-day online event focused
exclusively on the most pressing IT security issues. Through a series
of keynote presentations and interactive panel discussions featuring
government officials, IT corporate executives and leading industry
analysts, this event promises to educate you on growing threats facing
your IT systems.
Register Now!
FREE WHITE PAPERS
Click on a link below to download one of our FREE White Papers:
# Thin Clients: Solving Business Problems at the Point of Data Access
# Digital Data at the Point of Care
# Securing Terminal Services
FREE ESEMINAR
# No Loss in Going Thin: Running Applications in a Thin Client
Environment
WHAT'S EATING YOUR HARD DRIVE?
DiskPie Pro, NEW from the PCMag.com Utility Library, lets you manage
and reclaim precious hard drive real estate:
* Quickly Identify Space-Hogging Files, Folders
* Find & Manage Your Biggest Files
* Set Limits & Get Alerts When You Exceed Them
* Powerful, Easy-to-Customize Pie Charts Make It Easy!
Download DiskPie Now!
* Shop Now! - Dell Home Solutions Center
* Build your custom desktop or notebook now at MPC!
* Dell Small Business Products
* FREE Double Memory on Select Dell Systems!
* Roadmap for Secure Messaging Strategy – Free Whitepaper
* Microsoft solutions for Healthcare.
* Change for gain. Find out how at www.mercury.com
* Get your FREE Hosted Trial of VS .NET
* Improve IT Efficiency with Windows Server System.
* FREE Security Patch Management Software - Shavlik HFNetChkPro!
* Verizon Business DSL. The best value in broadband
* Get free security management tools from Microsoft
* Get the facts on Microsoft® Windows® and Linux.
* Change for gain. Find out how at www.mercury.com
* Free White Paper: Transform Technical Support into Competitive
Advantage
* Portfolio Management Process White Paper
* Free White Paper: Too Much of a Good Thing is Just Too Much –
Don't Overbuild Your Server Room!
* IBM Middleware for mid-sized companies.
* Middleware is Everywhere. Can you see it?
* IBM Middleware for automation. That's On Demand Business.
* IBM Middleware for software development. That's On Demand
Business.
* IBM Middleware Solutions for Telecom
RELATED LINKS
OctoberPatchFest: The Postmortem
Microsoft Issues Flurry of Fixes on Busy Patch Day
Microsoft Patch Day: The Next Generation
SP2 May Spell Trouble for Agentless Patching
Attack Pierces Fully Patched XP Machines
SECURITY VIEW
Larry Seltzer
Bad Input Bombs Your Program
A simple "fuzzer" program shows that most Web browsers are easily
crashed by malformed Web tags. Who'd have thought that Internet
Explorer would be the most robust!
SECURITY RSS FEED
Want an easy way to keep up collaboration and messaging news, reviews
and opinions? Get eWEEK headlines delivered to your desktop with RSS.
COURSEY'S VIEW
David Coursey
Microsoft's Second Mistake: Boring Upgrades
In Part II of his series on Microsoft's biggest failures, David
Coursey claims the software giant has failed miserably to create
upgrades that excite its users.
SECURITY SPECIAL REPORTS
Canning Spam
E-Mail Worms 2004
Securing Windows
Windows Exposed
BREAKING NEWS
*
10.22.2004
Radvision Builds Videoconferencing Bridge for Istanbul Users
*
10.22.2004
Siemens Medical Garners Health IT Award
*
10.22.2004
Updated: Java Studio Creator Update Targets Mac Developers
*
10.22.2004
Someone Hacked Into Purdue's Computers
*
10.22.2004
EU to Issue Early Ruling on Oracle-PeopleSoft
*
10.22.2004
Aberdeen Report: True Multichannel Sales Desirable but Rare
*
10.22.2004
SVP Beard: Sybase Spreads Its Reach
View All >
SECURITY RESOURCES
View the Security Center list of security resources.
Add the eWEEK.com Security Center to your IE favorites.
Optimizing Your Imaging & Printing Environment
The Growing Security Threat: Your Employees
Email Security in Sarbanes-Oxley Compliance
All White Papers >
FREE NEWSLETTER
Get eWEEK's FREE online newsletters. Fill-in the form below:
* 1. Make your selections:
*
*
Securing the Enterprise
eWEEK News & Views
The Coursey Report
The Channel Insider Update
* 2. Select email format:
*
* 3. Enter email address:
*
View all Newsletters >
Issue Index | Contact Us | About | Advertise | Magazine Customer
Service
eWEEK Quick LInks
Storage Solutions | Networking Security | Network Infrastructure |
Wireless Networking
Database Management Systems | PC Desktops | Web Programming |
Enterprise Solutions
Linux Operating Systems | Mac Operating System | Mobile Messaging |
Internet Telephony
Microsoft Windows News
Contact Us | Advertise | Reprints | Magazine Subscriptions |
Newsletters | RSS Feeds | Tech Shop
White Papers | Tech Courses Online | Headlines for Your Site | Custom
Utilities | Tech Jobs
1UP | Baseline | Business 4Site | CIO Insight | Computer Gaming World
| DevSource | DigitalLife
Electronic Gaming Monthly | eSeminars | eWEEK | Extreme iPod |
ExtremeTech | GMR | Microsoft Watch
Official US PlayStation Magazine | PC Magazine | Small Business Center
| Sync | The Channel Insider
Use of this site is governed by our Terms of Use and Privacy Policy
Copyright © 1996-2004 Ziff Davis Publishing Holdings Inc. All Rights
Reserved. eWEEK and Spencer F. Katt are trademarks of Ziff Davis
Publishing Holdings, Inc. Reproduction in whole or in part in any form
or medium without express written permission of Ziff Davis Media Inc.
is prohibited.
October 20, 2004
Updated: New attack finds yet another leak in local resource security
that Windows XP Service Pack 2 and subsequent patches were supposed to
plug.
A security researcher has discovered a new exploit for Microsoft
Corp.'s Windows XP Service Pack 2 that allows programs to be planted
and executed on fully-patched systems.
ADVERTISEMENT
The researcher, known as http-equiv and operator of the malware.com
Web site, discovered a weakness in the local security zone of Internet
Explorer which, through the use of the HTML Help control, allows
security restrictions in the zone to be bypassed.
In combination with a separate vulnerability, in which drag-and-drop
operations permit executable content to be placed on the system, the
result of the attack is the delivery and execution of potentially
hostile code from an external Web site. The researcher provides a
proof of concept example on the site.
The drag-and-drop component of the example is surprising in light of
Microsoft's recent patching of a related vulnerability. Thor Larholm,
senior security researcher for PivX Solutions, said the Microsoft
patch, designated MS04-038, "does not patch the drag-and-drop problem
directly—instead it tries to prevent its use by limiting the types of
files that can be used in DYNSRC."
DYNSRC specifies the address of a media object used in a Web page. "As
http-equiv demonstrates in his original post, this restriction could
be circumvented," Larholm said.
The problem is relatively minor and can be patched by Microsoft
without too much bother, Larholm said. In the meantime, it can be
circumvented by disabling a particular shell object, Shell.Explorer,
by setting its "kill bit" in the registry. PivX Inc. is providing a
registry fix for doing this on their Web site.
In order to deliver and run the attack code the user must perform a
drag-and-drop operation. In a real-world attack, users would probably
be enticed with a media file such as an image or music, but the file
would contain the attack code, according to a description written by
Symantec Corp.
A Microsoft spokeswoman said the company is investigating reports of a
vulnerability affecting Windows XP Service Pack 2 and earlier versions
of Windows that could enable an attacker to place a malicious file on
a user's system.
"Microsoft is not aware of any customer impact at this time. However
we will continue to investigate the issue to determine the appropriate
course of action to protect our customers. This might include
providing a fix through our monthly patch release process or an
out-of-cycle update, depending on customer needs," she said.
Microsoft also advises customers who have applied the latest Internet
Explorer update, MS04-038, to set the "Drag and Drop or copy and paste
files" option in the Internet and Intranet zone to "Disable" or
"Prompt." Once this setting is changed, the spokeswoman said, the
attack described in the report will not succeed.
In addition, customers who have set their Internet Security zone
settings set to high will not impacted by this vulnerability.
Editor's Note: This story was updated to include additional
information from Microsoft.
PointerCheck out eWEEK.com's Security Center for the latest security
news, reviews and analysis. And for insights on security coverage
around the Web, take a look at eWEEK.com Security Center Editor Larry
Seltzer's Weblog.
horizontal rule
Be sure to add our eWEEK.com Security news feed to your RSS newsreader
or My Yahoo page
Email Order Reprints of this Article.
TALKBACK
Sign In To Talkback! | Register
Fill-in form below to apply.
First Name:
Last Name:
Title:
Company:
Address:
City:
State:
Zip Code:
E-mail:
Cover: October 27 Filter
Renew today
Try digital eWEEK!
Subscription Help
Ziff Davis Partner Sites
# Visual Studio & .Net Dev Center
# Grid Computing
Ziff Davis Featured Sites
# IT Reseller News & Resources
# eWEEK.com Storage Topic Center
FREE ZIFF DAVIS MEDIA ESEMINARS AT ESEMINARSLIVE.COM
# 10/25 - The Road to 64-Bit computing: Bridging the Gap to Itanium
with Aaron Goldberg. Sponsored by PC Connection, Inc. & HP
# 10/26 - How To Catch a Phish: Keep Online Phishing and Fraud Out of
Your Company with Frank Derfler. Sponsored by MailFrontier
# 10/27 - Leverage Both Legislation and Technology to Combat
Fraudulent Spam and Phishing Attacks with Aaron Goldberg. Sponsored by
CipherTrust, Inc.
# 10/27 - The Desktop Access Advantage: Leveraging the Benefits of a
Managed Service with Frank Derfler. Sponsored by Citrix Online.
Nov. 30 - Dec. 1, 2004
Ziff Davis Media eSeminar's Security Virtual Tradeshow will bring
together top security experts for a two-day online event focused
exclusively on the most pressing IT security issues. Through a series
of keynote presentations and interactive panel discussions featuring
government officials, IT corporate executives and leading industry
analysts, this event promises to educate you on growing threats facing
your IT systems.
Register Now!
FREE WHITE PAPERS
Click on a link below to download one of our FREE White Papers:
# Thin Clients: Solving Business Problems at the Point of Data Access
# Digital Data at the Point of Care
# Securing Terminal Services
FREE ESEMINAR
# No Loss in Going Thin: Running Applications in a Thin Client
Environment
brought to you by Wyse
WHAT'S EATING YOUR HARD DRIVE?
DiskPie Pro, NEW from the PCMag.com Utility Library, lets you manage
and reclaim precious hard drive real estate:
* Quickly Identify Space-Hogging Files, Folders
* Find & Manage Your Biggest Files
* Set Limits & Get Alerts When You Exceed Them
* Powerful, Easy-to-Customize Pie Charts Make It Easy!
Download DiskPie Now!
* Shop Now! - Dell Home Solutions Center
* Build your custom desktop or notebook now at MPC!
* Dell Small Business Products
* FREE Double Memory on Select Dell Systems!
* Roadmap for Secure Messaging Strategy – Free Whitepaper
* Microsoft solutions for Healthcare.
* Change for gain. Find out how at www.mercury.com
* Get your FREE Hosted Trial of VS .NET
* Improve IT Efficiency with Windows Server System.
* FREE Security Patch Management Software - Shavlik HFNetChkPro!
* Verizon Business DSL. The best value in broadband
* Get free security management tools from Microsoft
* Get the facts on Microsoft® Windows® and Linux.
* Change for gain. Find out how at www.mercury.com
* Free White Paper: Transform Technical Support into Competitive
Advantage
* Portfolio Management Process White Paper
* Free White Paper: Too Much of a Good Thing is Just Too Much –
Don't Overbuild Your Server Room!
* IBM Middleware for mid-sized companies.
* Middleware is Everywhere. Can you see it?
* IBM Middleware for automation. That's On Demand Business.
* IBM Middleware for software development. That's On Demand
Business.
* IBM Middleware Solutions for Telecom
RELATED LINKS
OctoberPatchFest: The Postmortem
Microsoft Issues Flurry of Fixes on Busy Patch Day
Microsoft Patch Day: The Next Generation
SP2 May Spell Trouble for Agentless Patching
Attack Pierces Fully Patched XP Machines
SECURITY VIEW
Larry Seltzer
Bad Input Bombs Your Program
A simple "fuzzer" program shows that most Web browsers are easily
crashed by malformed Web tags. Who'd have thought that Internet
Explorer would be the most robust!
SECURITY RSS FEED
Want an easy way to keep up collaboration and messaging news, reviews
and opinions? Get eWEEK headlines delivered to your desktop with RSS.
COURSEY'S VIEW
David Coursey
Microsoft's Second Mistake: Boring Upgrades
In Part II of his series on Microsoft's biggest failures, David
Coursey claims the software giant has failed miserably to create
upgrades that excite its users.
SECURITY SPECIAL REPORTS
Canning Spam
E-Mail Worms 2004
Securing Windows
Windows Exposed
BREAKING NEWS
*
10.22.2004
Radvision Builds Videoconferencing Bridge for Istanbul Users
*
10.22.2004
Siemens Medical Garners Health IT Award
*
10.22.2004
Updated: Java Studio Creator Update Targets Mac Developers
*
10.22.2004
Someone Hacked Into Purdue's Computers
*
10.22.2004
EU to Issue Early Ruling on Oracle-PeopleSoft
*
10.22.2004
Aberdeen Report: True Multichannel Sales Desirable but Rare
*
10.22.2004
SVP Beard: Sybase Spreads Its Reach
View All >
SECURITY RESOURCES
View the Security Center list of security resources.
Add the eWEEK.com Security Center to your IE favorites.
Optimizing Your Imaging & Printing Environment
The Growing Security Threat: Your Employees
Email Security in Sarbanes-Oxley Compliance
All White Papers >
FREE NEWSLETTER
Get eWEEK's FREE online newsletters. Fill-in the form below:
* 1. Make your selections:
*
*
Securing the Enterprise
eWEEK News & Views
The Coursey Report
The Channel Insider Update
* 2. Select email format:
*
* 3. Enter email address:
*
View all Newsletters >
Issue Index | Contact Us | About | Advertise | Magazine Customer
Service
eWEEK Quick LInks
Storage Solutions | Networking Security | Network Infrastructure |
Wireless Networking
Database Management Systems | PC Desktops | Web Programming |
Enterprise Solutions
Linux Operating Systems | Mac Operating System | Mobile Messaging |
Internet Telephony
Microsoft Windows News
Contact Us | Advertise | Reprints | Magazine Subscriptions |
Newsletters | RSS Feeds | Tech Shop
White Papers | Tech Courses Online | Headlines for Your Site | Custom
Utilities | Tech Jobs
1UP | Baseline | Business 4Site | CIO Insight | Computer Gaming World
| DevSource | DigitalLife
Electronic Gaming Monthly | eSeminars | eWEEK | Extreme iPod |
ExtremeTech | GMR | Microsoft Watch
Official US PlayStation Magazine | PC Magazine | Small Business Center
| Sync | The Channel Insider
Use of this site is governed by our Terms of Use and Privacy Policy
Copyright © 1996-2004 Ziff Davis Publishing Holdings Inc. All Rights
Reserved. eWEEK and Spencer F. Katt are trademarks of Ziff Davis
Publishing Holdings, Inc. Reproduction in whole or in part in any form
or medium without express written permission of Ziff Davis Media Inc.
is prohibited.
Preguntas similare
Busqueda sugerida
Leer las respuestas