Author Topic: Attack code targets new IE hole  (Read 4225 times)

0 Members and 1 Guest are viewing this topic.

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Attack code targets new IE hole
« on: September 18, 2006, 09:11:18 AM »
Attack code targets new IE hole

Quote
Computer code that could be used to hijack Windows PCs via a yet-to-be-patched Internet Explorer flaw has been posted on the Net, experts have warned.

The code was published on public Web sites, where it is accessible to miscreants who might use it to craft attacks on vulnerable Windows computers. Microsoft is investigating the issue, the company representative said in a statement Thursday.

"Microsoft's initial investigation reveals that this exploit code could allow an attacker to execute memory corruption," the representative said. As a workaround to protect against potential attacks, Microsoft suggests Windows users disable ActiveX and active scripting controls.

The flaw is due to an error in an ActiveX control related to multimedia features and could be exploited by viewing a rigged Web page, Symantec said in an alert sent to users of its DeepSight security intelligence service Thursday. An attacker could commandeer a Windows PC or cause IE to crash, the security company said.

IE versions 5.01 and 6 on all current versions of Windows are affected, the French Security Incident Response Team, or FrSIRT, a security-monitoring company, said in an alert Wednesday.

Quote
The warning of the new flaw comes only days after Microsoft released its September patches. On Tuesday it released three updates, two for Windows and one for Office. The software maker also released a third version of an Internet Explorer fix after it botched the first two versions of the patch.

In recent months, word of new attacks has repeatedly followed shortly after "Patch Tuesday." Some experts believe the timing of the new attack is no coincidence, suggesting that attackers look to take advantage of a full month before Microsoft is scheduled to release its next bunch of fixes.

http://news.com.com/Attack+code+targets+new+IE+hole/2100-1002_3-6115966.html?tag=cd.lede

     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48618
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Attack code targets new IE hole
« Reply #1 on: September 18, 2006, 05:08:55 PM »
Quote
IE versions 5.01 and 6 on all current versions of Windows are affected
Another great reason to install IE7.... :)
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v24H2 64bit, 32 Gig Ram, 1TB SSD, Avast Free 24.4.6112, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89243
  • No support PMs thanks
Re: Attack code targets new IE hole
« Reply #2 on: September 18, 2006, 05:29:12 PM »
Or use a browser that doesn't have activeX ;D
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.4.6112 (build 24.4.9067.762) UI 1.0.803/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48618
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Attack code targets new IE hole
« Reply #3 on: September 18, 2006, 05:35:45 PM »
You can also control how or if active x is used in the security settings of IE.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v24H2 64bit, 32 Gig Ram, 1TB SSD, Avast Free 24.4.6112, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89243
  • No support PMs thanks
Re: Attack code targets new IE hole
« Reply #4 on: September 18, 2006, 06:18:59 PM »
So two great reasons then that you don't have to use IE7 ;D
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.4.6112 (build 24.4.9067.762) UI 1.0.803/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Attack code targets new IE hole
« Reply #5 on: September 25, 2006, 05:49:13 PM »
This one's been seen in the wild too:

http://sunbeltblog.blogspot.com/2006/09/another-zero-day-on-loose-keyframe.html


Quote
Mitigation: The DirectAnimation Path control can be disabled by setting the kill bit for the following CLSID:  {D7A7D7C3-D47F-11d0-89D3-00A0C90833E6}
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Attack code targets new IE hole
« Reply #6 on: October 12, 2006, 10:19:59 AM »
Quote
daxctle.ocx exploit not patched

It’s worth noting that after a hailstorm of patches yesterday by Microsoft, the daxctle.ocx vulnerability was not patched.

We have observed this exploit in action in the wild. However, it is not widely used (the two sites we saw it on are now dead) and it is a pretty crappy exploit (meaning, it doesn’t work all that well). 

Nevertheless, it is an exploit, it has been observed in the wild, and it’s not patched.

Mitigation: The DirectAnimation Path control can be disabled by setting the kill bit for the following CLSID:  {D7A7D7C3-D47F-11d0-89D3-00A0C90833E6} More information about how to set the kill bit is available in Microsoft Support Document 240797. More at CERT.

http://sunbeltblog.blogspot.com/2006/10/daxctleocx-exploit-not-patched.html
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48618
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Attack code targets new IE hole
« Reply #7 on: October 12, 2006, 09:51:43 PM »
How big a microscope are they using to try to find something anything ???
Would any of us withstand that kind of an inspection?
It's almost as though IE where running for office and in order for the opposition
to win, they must find some dirt. Any dirt. Please there has to be something bad I can report...... ;D ;D ;D
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v24H2 64bit, 32 Gig Ram, 1TB SSD, Avast Free 24.4.6112, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline .: Mac :.

  • Avast Überevangelist
  • Ultra Poster
  • *****
  • Posts: 5093
Re: Attack code targets new IE hole
« Reply #8 on: October 13, 2006, 03:26:07 AM »
IE 7 looks to be the first release I will use on my PC, Ill still keep SeaMonkey Though
"People who are really serious about software should make their own hardware." - Alan Kay