Posted by Virus Bulletin on Oct 2, 2006
Newly patched browser vulnerable to more malware.
Microsoft's beleaguered Internet Explorer browser is once again the subject of security worries, as another fully functioning exploit is unveiled.
The vulnerability, first publicised in July as part of the 'Month of Browser Bugs' project of Metasploit's H. D. Moore, was originally exploited only by a DoS attack that crashed the browser. Now Moore has released details of a new exploit capable of launching arbitrary code on fully patched machines.
The flaw is in the ActiveX control 'WebViewFolderIcon'. Many malicious sites are reported to be making use of the exploit. Secunia has rated the flaw as 'extremely critical' and SANS went to yellow alert status after numerous reports, with both websites and ecards carrying exploit code.
'This latest stream of bugs is causing serious damage to IE's already bad reputation,' said John Hawes, Technical Consultant at Virus Bulletin. 'Microsoft must be hoping Vista and IE7 will prove more resilient, but the odds already look to be pretty heavily stacked against them.'
Secunia and US-CERT have each issued an alert on the flaw. A Microsoft advisory points out that users of Windows Server 2003 should be safe from the attacks.