MustangWorks.com - The Ford Mustang Power Source!

Go Back   MustangWorks.com : Ford Forums > Website Community > Blue Oval Lounge
Register FAQ Members List Calendar

Notices


Reply
 
Thread Tools Rate Thread Display Modes
Old 03-01-2002, 06:54 PM   #1
mean81GT
Registered Member
 
mean81GT's Avatar
 
Join Date: Nov 2001
Location: NY
Posts: 299
Default Did anyone else hear about this?

> > Good Afternoon Folks,
> > Just got this about 10 minutes ago. Pretty serious stuff. My advice is
to
> > get this patch ASAP. If you're not sure how to tell which version of
> > Internet Explorer you have:
> > 1- Open up your browser (Internet Explorer)
> > 2-Click on the "Help" section found up at the top of the browser.
> > 3-Click on "About Internet Explorer"
> > You'll find out what the version number of Internet Explorer you have.
>
> --------------------------------------------------------------------------
> >
> > Buffer Overflow in Microsoft Internet Explorer
> >
> > Original release date: February 25, 2002
> > Last revised: --
> > Source: CERT/CC
> >
> > Systems Affected
> >
> > * Microsoft Internet Explorer
> > * Microsoft Outlook and Outlook Express
> > * Other applications that use the Internet Explorer HTML
rendering
> > engine
> >
> >
> > Overview
> >
> > Microsoft Internet Explorer contains a buffer overflow
vulnerability
> > in its handling of embedded objects in HTML documents.
This
> > vulnerability could allow an attacker to execute arbitrary code on
the
> > victim's system when the victim visits a web page or views an
HTML
> > email message.
> >
> >
> > I. Description
> >
> > Internet Explorer supports the <EMBED> directive, which can be used
to
> > include arbitrary objects in HTML documents. Common types of
embedded
> > objects include multimedia files, Java applets, and ActiveX
controls.
> > The SRC attribute specifies the source path and filename of an
object.
> > For example, a MIDI sound might be embedded in a web page with
the
> > following HTML code:
> >
> > <EMBED TYPE="audio/midi" SRC="/path/sound.mid" AUTOSTART="true">
> >
> > Internet Explorer uses attributes of the <EMBED> directive and
MIME
> > information from the web server to determine how to handle an
embedded
> > object. In most cases, a separate application or plugin is used.
> >
> > A group of Russian researchers, SECURITY.NNOV, has reported
that
> > Internet Explorer does not properly handle the SRC attribute of
the
> > <EMBED> directive. An HTML document, such as a web page or HTML
email
> > message, that contains a crafted SRC attribute can trigger a
buffer
> > overflow, executing code with the privileges of the user viewing
the
> > document. Microsoft Internet Explorer, Outlook, and Outlook
Express
> > are vulnerable. Other applications that use the Internet Explorer
HTML
> > rendering engine, such as Windows compiled HTML help (.chm) files
and
> > third-party email clients, may also be vulnerable.
> >
> > The CERT/CC is tracking this vulnerability as VU#932283,
which
> > corresponds directly to the "buffer overrun" vulnerability
described
> > in Microsoft Security Bulletin MS02-005.
> >
> > This vulnerability has been assigned the CVE identifier
CAN-2002-0022.
> >
> >
> > II. Impact
> >
> > By convincing a user to view a malicious HTML document, an
attacker
> > can cause the Internet Explorer HTML rendering engine to
execute
> > arbitrary code with the privileges of the user who viewed the
HTML
> > document. This vulnerability could be exploited to distribute
viruses,
> > worms, or other malicious code.
> >
> >
> > III. Solution
> >
> > Apply a patch
> >
> > Microsoft has released a cumulative patch for Internet Explorer
that
> > corrects this vulnerability and several others. For more
information
> > about the patch and the vulnerabilities, please see Microsoft
Security
> > Bulletin MS02-005:
> >
> > http://www.microsoft.com/technet/sec...n/MS02-005.asp
> >
> > Disable ActiveX Controls and Plugins
> >
> > In Internet Explorer, plugins may be used to view, play, or
otherwise
>
> > process embedded objects. The execution of embedded objects
is
> > controlled by the "Run ActiveX Controls and Plugins" security
option.
> > Disabling this option will prevent embedded objects from
being
> > processed, and will therefore prevent exploitation of
this
> > vulnerability.
> >
> > According to MS02-005:
> >
> > The vulnerability could not be exploited if the "Run
ActiveX
> > Controls and Plugins" security option were disabled in the
Security
> > Zone in which the page was rendered. This is the default
condition
> > in the Restricted Sites Zone, and can be disabled manually in
any
> > other Zone.
> >
> > At a minimum, disable the "Run ActiveX Controls and Plugins"
security
> > option in the Internet Zone and the zone used by Outlook or
Outlook
> > Express. The "Run ActiveX Controls and Plugins" security option
is
> > disabled in the "High" zone security setting. Instructions
for
> > configuring the Internet Zone to use the "High" zone security
setting
> > can be found in the CERT/CC Malicious Web Scripts FAQ:
> >
> > http://www.cert.org/tech_tips/malici...FAQ.html#steps
> >
> > Apply the Outlook Email Security Update
> >
> > Another way to effectively disable the processing of ActiveX
controls
> > and plugins in Outlook is to install the Outlook Email
Security
> > Update. The update configures Outlook to open email messages in
the
> > Restricted Sites Zone, where the "Run ActiveX Controls and
Plugins"
> > security option is disabled by default. In addition, the
update
> > provides further protection against malicious code that attempts
to
> > propagate via Outlook.
> >
> > * Outlook 2002 and Outlook Express 6
> > The functionality of the Outlook Email Security Update is
included
> > in Outlook 2002 and Outlook Express 6.
> > * Outlook 2000
> > http://office.microsoft.com/download.../Out2ksec.aspx
> > * Outlook 98
> > http://office.microsoft.com/download.../Out98sec.aspx
>
> --------------------------------------------------------------------------
> --
> > --------------------
> > That's all the information I've gotten so far. If anything else comes
up,
> > I'll drop you nice people types email on that.
> >
> > Circle the wagons folks, looks like it's going to be a bumpy night,
> > DJ
> >
> > DJ Weininger
> > Webmaster/Internet Security Coordinator
> > Road Runner
__________________
I'm a glutton for punishment.
mean81GT is offline   Reply With Quote
Old 03-02-2002, 04:35 AM   #2
PKRWUD
Junior Member
 
PKRWUD's Avatar
 
Join Date: Mar 1999
Location: Ventura, California
Posts: 8,981
Default

Makes me even happier about using a Mac!

Take care,
-Chris
__________________
Webmaster:
Rice Haters Club
Jim Porter Racing
Peckerwoods Pit Stop


Support Your Local
RED & WHITE!
PKRWUD is offline   Reply With Quote
Old 03-02-2002, 04:12 PM   #3
srv1
Get down.....
 
srv1's Avatar
 
Join Date: Apr 2001
Location: Room 103
Posts: 2,095
Default

Quote:
Originally posted by PKRWUD
Makes me even happier about using a Mac!

Take care,
-Chris
expected, but i have an answer, i use Mozilla! ok your 1 up on me!
__________________
Cobra brakes are on! Finally.....
------------------------------------------------
srv1 is offline   Reply With Quote
Old 03-02-2002, 04:40 PM   #4
shadowblue89
Registered Member
 
shadowblue89's Avatar
 
Join Date: Jan 1999
Location: Las Vegas NV
Posts: 286
Default

Quote:
Originally posted by PKRWUD
Makes me even happier about using a Mac!
Enough said.
I am very happy with my mac and not having all these patches
__________________
Charlie

89 GT 5spd
shadowblue89 is offline   Reply With Quote
Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
40 things you'll never hear a Southern boy say... DAN-MAN Blue Oval Lounge 16 11-24-2004 09:12 AM
Cool Tunes I Never Hear Anymore PKRWUD Blue Oval Lounge 21 11-22-2004 11:11 PM
i hear Klunking and a feel Bucking ?! leathal injection Windsor Power 1 04-28-2004 01:24 PM
I can hear you knocking.... jerrys84 Windsor Power 0 04-22-2002 10:40 AM
Attention Joplin/Web City MO, Stangers!! Let me meet w/u and hear your exhaust!! daveGT Windsor Power 0 09-04-2001 01:00 PM


All times are GMT -5. The time now is 08:07 PM.


SEARCH