Interesting People mailing list archives
IP: YAMSB Yet another MS security bo-bo
From: Dave Farber <dave () farber net>
Date: Mon, 04 Mar 2002 12:16:40 -0500

------ Forwarded Message
From: Tom Van Vleck <thvv () multicians org>
Date: Mon, 4 Mar 2002 12:12:09 -0500
To: farber () cis upenn edu

Hi Dave,

Have you seen the latest MSIE and Outlook virus on The Register?
http://www.theregus.com/content/4/24206.html

"An attacker can run arbitrary commands on Windows machines with a simple bit of HTML, an Israeli security researcher has demonstrated. The exploit will work with IE, Outlook and Outlook Express even if active scripting and ActiveX are disabled in the browser security settings."

Happens with MSIE 5.5+ only according to Bugtraq. It uses a feature called "data binding" that interprets the content of a data field as HTML in the local security zone. The article presents a code snippet that anyone could copy and edit to launch any program, if they know the pathname of it on the target machine. Luckily it appears the attacker can't pass an argument to the program, so can't say "format c:".

------ End of Forwarded Message

For archives see: http://www.interesting-people.org/archives/interesting-people/