Serious flaw in IE7, urged to use another browser till fix!

[LionDen]

It has been announced that a serious security flaw has been found in Internet Explorer 7.











Here is part of what has been said in a news story today:

Users of Microsoft's Internet Explorer are being urged by experts to switch to a rival until a serious security flaw has been fixed.

The flaw in Microsoft's Internet Explorer could allow criminals to take control of people's computers and steal their passwords, internet experts say.

Microsoft urged people to be vigilant while it investigated and prepared an emergency patch to resolve it.

Here is the Link for the full news story.

Another news story saying 1 in 500 PCs exposed. Click Here for full story.

[ArJay]

damn..I'm always tryna tell people IE sucks and it full of flaws like this....Firefox FTW!!!!

[dope2]

They suggest the following

Change IE security settings to high (Look under Tools/Internet Options)

Switch to a Windows user account with limited rights to change a PC's settings

With IE7 or 8 on Vista turn on Protected Mode

Ensure your PC is updated

Keep anti-virus and anti-spyware software up to date

[Kellie]

^ But is that only if you use IE? do you have to worry if you just use FF?

[LionDen]

Here are some solutions from US CERT:
This website page can be found by clicking here.


Vulnerability Note VU#493881

Microsoft Internet Explorer data binding memory corruption vulnerability


Overview

Microsoft Internet Explorer contains an invalid pointer vulnerability in its data binding code, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.

I. Description

Microsoft Internet Explorer contains an invalid pointer vulnerability in its data binding code. The vulnerability can be triggered when Internet Explorer or a program that uses Internet Explorer's components renders a document that contains more than one reference to the same data source. This flaw can cause an invalid array size and result in the accessing of memory space of a deleted object. Specially-crafted content that performs data binding, such as an XML or HTML document, can cause IE to crash in a way that is exploitable. Limited testing has shown this vulnerability to affect Internet Explorer 6 and later, up to and including Internet Explorer 8 Beta 2. However, all versions of Internet Explorer from 4.0 and on may be at risk. We have confirmed that Outlook Express is also at risk. Exploit code for this vulnerability is publicly available.

II. Impact

By convincing a user to view a specially crafted document that performs data binding (e.g., a web page or email message or attachment), an attacker may be able to execute arbitrary code with the privileges of the user.

III. Solution

We are currently unaware of a practical solution to this problem. Microsoft Security Advisory (961051) provides some workarounds, including unregistering oledb32.dll. These workarounds are further explained in the Microsoft SWI Blog.

Disable the Microsoft OLE DB Row Position Library COM object

The most effective way of mitigating this vulnerability appears to be to disable the Microsoft OLE DB Row Position Library COM object. As outlined in the Microsoft Security Advisory, delete the following registry key:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{2048EEE6-7FA2-11D0-9E6A-00A0C9138C29}]

Note that once this change is made, all ADO (ActiveX Data Objects applications that use the RowPosition property and related information and all OLE DB applications that use the OLE DB Row Position Library will not function properly.

Disable Active Scripting

This vulnerability can be mitigated by disabling Active Scripting in the Internet Zone, as specified in the "Securing Your Web Browser" document. Note that this will not block the vulnerability. IE still may crash when parsing specially-crafted XML content. Disabling Active Scripting will mitigate a common method used to achieve code execution with this vulnerability.

Enable DEP in Internet Explorer 7

Enabling DEP in Internet Explorer 7 on Windows Vista can help mitigate this vulnerability by making it more difficult to achieve code execution using this vulnerability.


Systems Affected

Vendor Status Date Notified Date Updated
Microsoft Corporation Vulnerable 2008-12-09 2008-12-10

References

http://www.microsoft.com/technet/sec...ry/961051.mspx
http://blogs.msdn.com/michael_howard...-software.aspx
http://blogs.technet.com/msrc/archiv...ry-961051.aspx
http://msdn.microsoft.com/en-us/libr...88(vs.85).aspx
http://secunia.com/advisories/33089/
http://www.avertlabs.com/research/bl...nd-on-the-web/
http://www.scanw.com/blog/archives/303

Credit

This document was written by Will Dormann.

[deadmanwalkin]

ya i originally read that on yahoo

and i was using ie7

so i immediately switched over to firefox

[JohnCenaFan28]

I'm not gonna open my IE for a long while, thanks for this.

[John]

**Downloads FireFox Now**

[Bad Boy]

i've been using firefox for the past one year, and not even turned to IE...

[wwe9112]

I've never used IE hahahahahaha.