Information Security News mailing list archives

Microsoft patches IE browser security hole


From: InfoSec News <isn () C4I ORG>
Date: Mon, 3 Jul 2000 18:20:37 -0500

http://news.cnet.com/news/0-1003-200-2196730.html?tag=st.ne.1430735..ni

By Stephanie Miles
Staff Writer, CNET News.com
July 3, 2000, 8:45 a.m. PT

Microsoft today issued a patch for an Internet Explorer bug that uses
files from the software maker itself to crash computers.

Because of flaws in Internet Explorer's "Active Setup Download"
technology, hackers or malicious Web site operators could potentially
crash Internet-connected computers by overwriting files.

Active Setup is a feature of IE designed to speed download times.
Rather than transfer an entire collection of files or applications,
Active Setup detects which specific files are needed and downloads
only those files, according to Microsoft.

The problem highlights a growing security concern, as more PC users
download files from sometimes dubious origins, some of which contain
viruses or malicious programs that can crash computers. It is fairly
rare, however, that files bearing Microsoft's seal of approval are
used to crash computers.

Active Setup treats all Microsoft-based files as trusted, which means
the browser will automatically download them without asking for
permission. A malicious programmer can theoretically access
Microsoft-signed files from a Microsoft Web site, where they are
freely available, and include these trusted files as part of a
download.

From there, the flaw works much like a "denial of service"
vulnerability, overwhelming a computer with normally harmless data.
The downloading files, which would contain a Microsoft digital
signature and thus pass through Active Setup without alerting computer
users, could be sent to a specific file path, overwriting existing
files and causing a system crash.

"The point of the attack would not necessarily be to try to install
the update--it would be simply to overwrite some file on the user's
disk," according to Microsoft's bug alert, which went out today. "For
instance, if the malicious Web site operator overwrote a crucial file
on the disk, he could potentially render the machine inoperable."

The bug does not allow malicious users to access information stored on
the computer or do anything but crash the system, according to
Microsoft.

Microsoft today issued a patch that updates the Active Setup feature
to treat Microsoft files like files from all other origins, asking for
a computer user's approval before downloading them.
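The trust decision the article describes, and the patched behaviour, as an added model in Python (this is illustrative code, not Microsoft's or Internet Explorer's). INSTALL_ROOT, the sample paths and the path-confinement check are assumptions; the `signer` field stands in for an already verified digital signature. The point it makes: a valid signature proves who produced a file, not that the file may be written to whatever path a web page names.

```python
import posixpath
from dataclasses import dataclass

# Hypothetical directory where downloads may legitimately be written (assumption)
INSTALL_ROOT = "/install/cache"


@dataclass
class Download:
    """One requested download, as a web page would describe it to the client."""
    signer: str          # identity from the package's (assumed verified) signature
    dest: str            # path the page asks the client to write the file to
    consent_given: bool  # did the user approve this download when prompted?


def vulnerable_policy(d: Download) -> str:
    """Pre-patch decision as the article describes it: a Microsoft signature
    alone is treated as permission, and the destination is taken as given."""
    if d.signer == "Microsoft" or d.consent_given:
        return "write " + d.dest
    return "blocked"


def inside_install_root(dest: str) -> bool:
    """Normalise '..' segments before comparing, so a path that merely starts
    with INSTALL_ROOT cannot escape it."""
    norm = posixpath.normpath(dest)
    return norm == INSTALL_ROOT or norm.startswith(INSTALL_ROOT + "/")


def hardened_policy(d: Download) -> str:
    """Post-patch decision: every origin needs the user's approval, plus an
    extra check (beyond what the article states) confining the destination."""
    if not d.consent_given:
        return "blocked"
    if not inside_install_root(d.dest):
        return "blocked"
    return "write " + d.dest


# Constructed sample requests: a signed file aimed at a critical path, a signed
# update landing where it belongs, a signed file using '..' to escape the
# install directory, and an unsigned file the user never approved.
SAMPLES = {
    "signed_overwrite": Download("Microsoft", "/system/critical.dll", False),
    "signed_update": Download("Microsoft", "/install/cache/update.cab", True),
    "signed_traversal": Download("Microsoft", "/install/cache/../../system/critical.dll", True),
    "unsigned_unapproved": Download("example.test", "/install/cache/x.cab", False),
}

if __name__ == "__main__":
    for name, d in SAMPLES.items():
        print(f"{name:20} vulnerable={vulnerable_policy(d):36} hardened={hardened_policy(d)}")
```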

ISN is hosted by SecurityFocus.com