Microsoft Internet Explorer 6 and 7 Remote Code Execution Vulnerability

Posted on November 24th, 2009 by Ryan Spanier

GSA Reference Number: AD091124-01

Simply Put: Microsoft Internet Explorer (IE) 6 and 7 contain a remote code execution vulnerability.  The vulnerability was released to the public earlier this week.  Currently, the exploit is not deemed reliable, meaning that it is difficult to exploit consistently.  However, a reliable version will most likely be released in the near future.  The exploit could also be triggered by an HTML email message in Microsoft Outlook, Outlook Express, or Microsoft Mail, as these products use IE to display such messages.

Vulnerability Details: This attack can be triggered by a malicious website or email message that references a CSS/Style object that has been deleted.  When IE attempts to access the deleted object, it could be forced to run malicious code instead.  Only IE 6 and 7 are vulnerable.  IE 5.01 SP 4 and IE 8 are not affected by this issue.

Countermeasures: Microsoft is currently working on a patch, but, thus far, no release date has been issued.  Gladiator recommends that users upgrade their Internet Explorer to version 8, if possible.  If such an upgrade would cause incompatibilities with existing software, then Gladiator recommends users install a different browser, such as Firefox or Chrome, for browsing the Internet.  IE can still be used for local application or trusted site access.  Gladiator also recommends that users disable the email preview pane in Microsoft Outlook and Outlook Express until this issue is patched, and that users do not open any unsolicited emails.  Updating virus definition files may also aid in detecting this exploit.
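
To prioritize the upgrade recommended above, the following added example (not part of the original advisory) lists the clients in a web proxy log that still announce IE 6 or 7, without flagging IE 8 running in Compatibility View. The log layout (client IP followed by a quoted User-Agent), the sample lines and the function names are assumptions made for illustration.

```python
import re
# Constructed sample proxy log (not real traffic): client IP, then quoted User-Agent.
SAMPLE_LOG = """\
10.0.0.11 "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
10.0.0.12 "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
10.0.0.13 "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0)"
10.0.0.14 "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0)"
10.0.0.15 "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5"
10.0.0.16 "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"
10.0.0.11 "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
this line does not match the assumed format
"""

LINE_RE = re.compile(r'^(\S+)\s+"([^"]*)"\s*$')
MSIE_RE = re.compile(r"\bMSIE (\d+)\.")
TRIDENT_RE = re.compile(r"\bTrident/(\d+)\.")

# Per the advisory: IE 6 and 7 are vulnerable; IE 5.01 SP 4 and IE 8 are not.
AFFECTED_MAJORS = {6, 7}

def ie_major(user_agent):
    """Return the IE major version behind a User-Agent, or None if it is not IE."""
    msie = MSIE_RE.search(user_agent)
    if msie is None:
        return None
    major = int(msie.group(1))
    trident = TRIDENT_RE.search(user_agent)
    # IE 8 in Compatibility View announces "MSIE 7.0" but still sends
    # "Trident/4.0"; genuine IE 7 and earlier send no Trident token.
    if major == 7 and trident is not None:
        return int(trident.group(1)) + 4
    return major

def affected_clients(log_text):
    """Map each client IP to the sorted affected IE major versions seen for it."""
    seen = {}
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if match is None:
            continue  # skip lines outside the assumed format
        client, user_agent = match.groups()
        major = ie_major(user_agent)
        if major in AFFECTED_MAJORS:
            seen.setdefault(client, set()).add(major)
    return {client: sorted(majors) for client, majors in seen.items()}

if __name__ == "__main__":
    for client, majors in sorted(affected_clients(SAMPLE_LOG).items()):
        print(client, "IE", majors)
```

The User-Agent header is supplied by the client, so treat the result as a starting list for the upgrade rather than an authoritative inventory.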
