[ISN] Microsoft Patches IE, Outlook Flaws

From: InfoSec News (isnat_private)
Date: Wed Apr 23 2003 - 21:07:10 PDT

Next message: InfoSec News: "[ISN] Want to Beat the Enemy? Win the Information War"

Previous message: InfoSec News: "[ISN] Cyber War Game Tests Future Troops"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.eweek.com/article2/0,3959,1040373,00.asp

By Chris Gonsalves
April 23, 2003 

Microsoft Corp. issued patches Wednesday afternoon for a series of
newly discovered vulnerabilities in Internet Explorer and Outlook
Express.

Both patches are for vulnerabilities deemed critical, according to
Microsoft's official postings. Both could result in an attacker being
able to execute arbitrary code on a user's system, according to
Microsft TechNet.

In the case of IE, the patch closes four new holes including: a buffer
overrun vulnerability in URLMON.DLL; a vulnerability in IE's file
upload control; a flaw in the way IE handles third-party file
rendering; and a flaw in the way modal dialogs are treated by IE.

Of the four, the buffer overrun is the most troubling as it could
allow an attacker to run code on a user's system if the user were
lured to an attacker's Web site, officials said. The other
vulnerabilities could also result in a compromise of the user's
machine either through a malicious Web site or through a specially
crafted HTML e-mail message.

The Outlook Express vulnerability could allow an attacker to control a
user's machine through a MHTML (MIME Encapsulation of Aggregate HTML)  
URL, either on a Web site or embedded in an HTML e-mail, officials
cautioned. The vulnerability exists in Outlook Express' MHTML URL
Handler that allows any file that can be rendered as text to be opened
and rendered as part of a page in Internet Explorer.

"As a result, it would be possible to construct a URL that referred to
a text file that was stored on the local computer and have that file
render as HTML. If the text file contained script, that script would
execute when the file was accessed. Since the file would reside on the
local computer, it would be rendered in the Local Computer Security
Zone. Files that are opened within the Local Computer Zone are subject
to fewer restrictions than files opened in other security zones,"  
Microsoft officials wrote.

Patches for the two critical vulnerabilities are available on the
Microsoft site for Internet Explorer and Outlook Express.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.

Next message: InfoSec News: "[ISN] Want to Beat the Enemy? Win the Information War"
Previous message: InfoSec News: "[ISN] Cyber War Game Tests Future Troops"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Apr 24 2003 - 05:00:28 PDT