More insecurity in Internet Explorer and OE

by Nikola Strahija on June 11th, 2004

Still unpatched, a vulnerability in Internet Explorer and Outlook Express allows spyware programs to install their trojan code and possibly steal sensitive information.


A cross-zone scripting vulnerability and a bug in IE's Local Resource Access pose an "extremely critical" risk to Windows users. Even with a fully patched system, version 6 of Internet Explorer and Outlook Express is still vulnerable.

Service Pack 2 (SP2) for Windows XP, in its beta state, does block exploitation of these vulnerabilities, but users of earlier versions of Windows are still at risk.

These vulnerabilities are actively being exploited in the wild to install spyware on users' systems. Most of the spyware relies on a security hole that breaches from the Internet or Restricted Zone into the Local Zone, where it is able to run malicious code.

It is well known that one of these vulnerabilities is 10 months old and still hasn't been addressed properly by Microsoft.

Drew Copley has sent a fix for these vulnerabilities. Importing this fix into your registry adds a new zone ("My Computer", a.k.a. "Local Zone"), which needs to be tightened after the registry values have been imported. This can be done by opening "Internet Options" from IE and then going through: Tools > Internet Options > Security > My Computer > Custom Level. There, you should disable every option under "Microsoft ActiveX controls and Plugins", "Microsoft VM" and "Scripting".

You can download the fix from here:
1. http://www.xatrix.org/download/first.reg
2. http://www.xatrix.org/download/second.reg
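To confirm the tightening described above actually took effect, the My Computer zone can be exported from the registry and checked offline. The following is an added example, not Drew Copley's fix or the contents of the .reg files linked above; it assumes the Microsoft-documented location of the zone (`Zones\0`), the documented URL action ids and the `Flags` bit that hides a zone, none of which are stated in the article, and the sample export is constructed.

```python
import re

# Assumptions (Microsoft-documented, not from the article): zone 0 is "My Computer";
# URL action ids below; 3 = disable, except Java permissions where 0 = disable.
ZONE0 = r"Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0"
NO_UI = 0x20  # Flags bit that hides a zone from the Security tab
ACTIONS = {
    "1200": ("Run ActiveX controls and plug-ins", 3),
    "1201": ("Initialize and script ActiveX controls not marked safe", 3),
    "1405": ("Script ActiveX controls marked safe for scripting", 3),
    "1400": ("Active scripting", 3),
    "1C00": ("Java permissions (Microsoft VM)", 0),
}

def parse_zone0(reg_text):
    """Collect dword values from the Zones\\0 section of a .reg export."""
    values, in_zone = {}, False
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("["):  # section header: track whether we are in zone 0
            in_zone = line.rstrip("]").lower().endswith(ZONE0.lower())
        elif in_zone:
            m = re.fullmatch(r'"([^"]+)"=dword:([0-9a-fA-F]{8})', line)
            if m:
                values[m.group(1).upper()] = int(m.group(2), 16)
    return values

def audit(reg_text):
    """Return findings for zone 0; a missing value counts as not disabled."""
    vals = parse_zone0(reg_text)
    findings = []
    if vals.get("FLAGS", NO_UI) & NO_UI:
        findings.append("zone is hidden from the Security tab")
    for action, (label, disabled) in ACTIONS.items():
        if vals.get(action) != disabled:
            findings.append(f"{action} {label}: not disabled")
    return findings

# Constructed sample export: zone visible, but ActiveX and scripting still allowed.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
"Flags"=dword:00000047
"1200"=dword:00000000
"1201"=dword:00000003
"1400"=dword:00000000
"1405"=dword:00000003
"1C00"=dword:00000000
'''
```

Calling `audit(SAMPLE)` reports the two actions (1200 and 1400) that the constructed export leaves enabled; an empty list means every checked setting in the zone is disabled and the zone is visible in the Security tab.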

