Author Topic: New vulnerability in IE  (Read 19812 times)


Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33904
  • malware fighter
New vulnerability in IE
« on: March 21, 2006, 09:51:19 PM »
Hi forum members,

A Dutchman found a new hta vulnerability in IE with which a computer can be taken over. Read:
http://jeffrey.vanderstad.net/grasshopper/
The code will be published whenever the MS patch is there.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

justin1278

  • Guest
Re: New vulnerability in IE
« Reply #1 on: March 21, 2006, 10:00:01 PM »
Hi,

Wow I am glad that a hacker didn't find it and that the person alerted Microsoft. It appears that they won't patch it in IE 6 but we will have to wait until IE 7 (I think).


~justin1278

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48568
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: New vulnerability in IE
« Reply #2 on: March 21, 2006, 10:24:32 PM »
Quote
We have been trying to get this fix into the next IE release, but it's been a lot of work to do that as it's relatively late in the cycle. It looks like it will make it in though.
I should hope so. If you know the envelope is broken, why even bother sending it out???
I do have to admit that there have been quite a few improvements made in IE 7.
There are many more that could still be made.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

Re: New vulnerability in IE
« Reply #3 on: March 21, 2006, 10:27:34 PM »
Hi Justin1278 and bob3160,

They will patch it in the coming patching round (which of course will be on a Tuesday), it is that critical, and there are more of these hta holes. There was one in 2004, we have already forgotten about that one, and if I remember right it is the malware vector of the KAK worm. So there is nothing new under the sun, and malware artists re-invent the same patterns over and over again (HTA holes make it possible to load RATs, like for instance the Q trojan).

If you want to do something about it now, there is a free solution HTASTOP: http://www.nsclean.com/htastop.html

polonus
« Last Edit: March 21, 2006, 10:47:54 PM by polonus »

justin1278

  • Guest
Re: New vulnerability in IE
« Reply #4 on: March 21, 2006, 10:36:41 PM »
Hi Polonus,

That is certainly good news to know.

CharleyO

  • Guest
Re: New vulnerability in IE
« Reply #5 on: March 22, 2006, 02:32:00 AM »
***

Well, I was on the January version of IE7 Beta2 but as of today, I have the March 20th version. So far, this one seems a little more stable. And hopefully, that hta vulnerability is not in IE7.


***

Offline polonus

Re: New vulnerability in IE
« Reply #6 on: March 22, 2006, 10:37:49 PM »
Hi Charley,

Again it is not the IE that is the problem here, it is the Microsoft Scripting Machine that is causing these holes. Bitdefender's AVX Script Wall protects you here from all sides, also in a program like Outlook etc.
One thing we should never have had was Active-X, it was a big mistake from the very start. HTA vulnerabilities now, where you think you download a PDF file and you get some nasty malware downloaded instead, prove this.
If these vulnerabilities are not tackled for good, I would choose an alternate browser still. With IE7 they have come a long way, but it is not all convincing. Windows XP SP2 33 security updates in 6 days (including a Sunday).

polonus


CharleyO

  • Guest
Re: New vulnerability in IE
« Reply #7 on: March 22, 2006, 11:13:18 PM »
***

Yeah, I understand, Polonus. And I agree that Active-X is not really a good thing. Unfortunately, it is here and too many will use it or allow it to be used.

It appears, though, from an update posting at that link ......

http://jeffrey.vanderstad.net/grasshopper/

... that IE7 may be safe from this vulnerability.

Quote
Some answers                                                                     March 22, 2006 
____________________________________________________________________
Good news, yesterday I installed Internet Explorer 7 ßeta2 preview, the
exploit DOES NOT WORK in this browser.
 


Perhaps MS found a way to close this hole and, thus, released the March 20th version of IE7.
 ???    :) 

As for me, I never have liked PDF files ... there has always seemed to be something not quite right about them. I never use them unless I have no other choice and it must be done. Well, maybe it's just me as far as PDF files go.    :P


***

Offline TedNelly

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1538
  • Trust No-One!
Re: New vulnerability in IE
« Reply #8 on: March 23, 2006, 03:03:20 AM »
Simple solution!!  ;) Use another browser  ::)  as long as IE is a M$ product every man and his dog will try to pump holes in it, the worrying part is that they keep finding them  :'(
Windows 10 Pro | Intel I7 CPU | 16 Gig 2133 RAM | Avast beta 17.5.2295 | Firefox 54 b9(64-bit) | Cyberfox 52.1 | T-Bird 52.1.1 | SpyWareBlaster 5.5 | MalwareBytes 3.0.0.865 | WinPatrol 35.5.2 | GlassWire 1.2.100 | Cybereason Ransomfree 2.2.7 |  Pulla-dePlug Final!

Offline polonus

Re: New vulnerability in IE
« Reply #9 on: March 23, 2006, 08:11:57 AM »
Hi tednelly,

I agree with you there. But while you are at that, and I use my alternate browsers, FF and Flock, from a mem stick (no traces on the comp, unless you do not go there to upload), you cannot and must not forget about keeping the IE up to date and fully patched, because it stays such an integral part of your OS. MS has built it so deep inside your OS, that it can harm you even through alternate browsers in some cases. Actually there is no difference between access of IE and Windows Explorer on your system in a sense, although with Windows Explorer you cannot browse.

polonus

Offline TedNelly

Re: New vulnerability in IE
« Reply #10 on: March 23, 2006, 09:55:20 AM »
Quote
Hi tednelly,

I agree with you there. But while you are at that, and I use my alternate browsers, FF and Flock, from a mem stick (no traces on the comp, unless you do not go there to upload), you cannot and must not forget about keeping the IE up to date and fully patched, because it stays such an integral part of your OS. MS has built it so deep inside your OS, that it can harm you even through alternate browsers in some cases. Actually there is no difference between access of IE and Windows Explorer on your system in a sense, although with Windows Explorer you cannot browse.

Thanks polonus mate, I understand that IE & WEx are deeply rooted in the M$ OS and that without them we too would be rooted ;D however WEx just sits there on my system and the tabbed xplorer² does its job. FF used as main browser (No Comment on Flock)   ;) and when I can find another way of keeping  XP up to date without using IE  I'll use it, However until then matey I agree IE is the gun!! the only gun
« Last Edit: March 23, 2006, 09:56:59 AM by tednelly »

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89062
  • No support PMs thanks
Re: New vulnerability in IE
« Reply #11 on: March 23, 2006, 03:28:17 PM »
Quote
<snip>
you cannot and must not forget about keeping the IE up to date and fully patched, because it stays such an integral part of your OS.
<snip>
Actually there is no difference between access of IE and Windows Explorer on your system in a sense, although with Windows Explorer you cannot browse.

This is the major reason IE won't see the light of day as my primary browser until it is completely separate from the OS (exploit the browser, exploit the OS). With notable exception when visiting windows update and even then I try to use one of the IE-based browsers. It is very true that it is essential to keep it up to date because of its OS integration.

I have explorer.exe blocked in my firewall as if you try typing a URL into the explorer Address bar, off it will go to that web site, see images and blocking, etc.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline bob3160

Re: New vulnerability in IE
« Reply #12 on: March 23, 2006, 03:35:51 PM »
Quote
and when I can find another way of keeping  XP up to date without using IE  I'll use it, However until then matey I agree IE is the gun!! the only gun

Maybe this will help???
http://forum.avast.com/index.php?topic=16849.msg152230#msg152230

Online DavidR

Re: New vulnerability in IE
« Reply #13 on: March 23, 2006, 04:11:30 PM »
Have you or anyone else tried it (windizupdate) Bob ?

I did with firefox 1.5.1 (installed the plug-in) to download one optional update (AC97 Audio Driver) as a trial and that failed. I will check again after the next batch of windows updates and see what other non-critical updates might be there.

Offline bob3160

Re: New vulnerability in IE
« Reply #14 on: March 23, 2006, 04:21:52 PM »
Quote
Have you or anyone else tried it (windizupdate) Bob ?

I did with firefox 1.5.1 (installed the plug-in) to download one optional update (AC97 Audio Driver) as a trial and that failed. I will check again after the next batch of windows updates and see what other non-critical updates might be there.
I did before I made the post. As I do with all of the apps. in that series.
I haven't recently since I use windows update and as all of you know by now GreenBrowser (IE based browser).