On TV.com: Is DEXTER a Little Boring This Season?
BNET Business Network:
BNET
TechRepublic
ZDNet

June 13th, 2007

Exploit Wednesday follows MS Patch Tuesday

Posted by Ryan Naraine @ 11:02 am

Categories: Apple, Botnets, Browsers, Data theft, Exploit code, Hackers, Metasploit, Microsoft, Passwords, Patch Watch, Pen testing, Responsible disclosure, Viruses and Worms, Vulnerability research, Windows Vista, Zero-day attacks

Tags: Security, Attacker, Microsoft Windows, Microsoft Internet Explorer, Microsoft Corp., Exploit, Ryan Naraine

Less than 24 hours after Microsoft shipped fixes for code execution holes in Internet Explorer and Windows, proof-of-concepts for remote exploits are popping up on the Internet.

On security mailings lists and at the Milw0rm.com site, there are at least three exploits circulating. These provide a roadmap for attackers to launch remote attacks to take complete control of an Windows machine.

Two of the three target gaping holes in the dominant Internet Explorer browser — flaws that could be exploited by simply luring the target to surf to a Web page. (See exploit code here and here).

The vulnerabilities — in the Microsoft Speech API ActiveListen and ActiveVoice ActiveX controls — have been patched with the MS07-033 bulletin so it’s important to treat that update with the highest possible priority.
*
[ SEE: ‘Critical’ Vista, IE 7 patches highlight MS security updates ]

Will Dorman of the CERT Coordination Center explains the real-world risks:

By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker may be able to execute arbitrary code with the privileges of the user. The attacker could also cause Internet Explorer (or the program using the WebBrowser control) to crash.

This patch applies to Internet Explorer 7 on Windows Vista.

Proof-of-concept code for a third exploit was released by Thomas Lim of COSEINC to provide technical details of of a “critical” flaw in the Secure Channel (Schannel) security package in Windows. This bug was patched with MS07-031.

* See step-by-step instructions on configuring Internet Explorer to run securely in our image gallery.

Ryan NaraineRyan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.


Email Ryan Naraine

For daily updates on Ryan's activities, follow him on Twitter.

Subscribe to Zero Day via Email alerts or RSS.

  • Talkback
  • Most Recent of 55 Talkback(s)
The Article was clear enough
As is usual around here, the headline is the problem, and could easily mislead. However, it did its job and got me to read it! ...<span> (<a href=Read the rest)
Posted by: Freebird54 Posted on: 06/16/07 You are currently: a Guest | | Terms of Use
Here we go again !?!?!?!?  Intellihence | 06/13/07
See my post.  TripleII | 06/13/07
You keep saying that  rapson | 06/13/07
Here you go  TripleII | 06/13/07
Nice!  Linux User 147560 | 06/13/07
Danske Tripell for saving my *ss this time .  Intellihence | 06/13/07
Swiss cheese  Freebird54 | 06/16/07
Dunno about "explicitly"...  Cardinal_Bill | 06/13/07
He did .  Intellihence | 06/13/07
PSSST.....  Shelendrea | 06/13/07
Gotcha  Intellihence | 06/14/07
ROTFL  Shelendrea | 06/13/07
Why do you gloat so?  Duke E. Love | 06/15/07
Rock and a hard place  TripleII | 06/13/07
Microsoft needs ActiveX to destroy Java...  olePigeon | 06/13/07
Performance  PB_z | 06/13/07
ActiveX not inherently (much) more dangerous than Java  toadlife | 06/13/07
Thanks for the info  TripleII | 06/13/07
ROFL!  Chad_z | 06/13/07
Don't forget the rules!  ye | 06/13/07
Ye you are in denial .  Intellihence | 06/13/07
Do your rules cover the 1 million or so botnet victims ?  Intellihence | 06/13/07
They're not my rules.  ye | 06/13/07
They are your rules YE .  Intellihence | 06/13/07
Again: They're not my rules.  ye | 06/13/07
Funny how it seems but you and that zealot and no_ax ,  Intellihence | 06/13/07
Let's find out who's rules they are.  ye | 06/13/07
I don't know what to tell you .  Intellihence | 06/13/07
You can start by answering the two questions.  ye | 06/13/07
I'll answer your question as soon as you answer mine . Look above .  Intellihence | 06/13/07
I'm not surprised you'd avoid it.  ye | 06/13/07
As opposed to your NBM rules?  Rick_K | 06/13/07
There is no one "best" OS. Each has their strengths...  ye | 06/14/07
Ye you never answered my question ?  Intellihence | 06/13/07
Message has been deleted.  NonZeaIot | 06/13/07
Dude, seriously, shut up. [nt]  olePigeon | 06/13/07
Yes, I wish he would  NonZealot | 06/13/07
Shut you two faced hypocrite .  Intellihence | 06/13/07
Nice try at the alias spoofing  NonZealot | 06/13/07
Such immaturity by the ABMers.  ye | 06/13/07
So how is your MacBook Pro doing these days Ye ?  Intellihence | 06/13/07
It's a MacBook clueless one.  ye | 06/13/07
Whatever so how is your MacBook today Ye ?  Intellihence | 06/13/07
Yeah right , now you go back on what you said before ?  Intellihence | 06/13/07
For once, you are useful  NonZealot | 06/13/07
What a baseless claim . What a sham .  Intellihence | 06/13/07
Ryan, how about clarifying?  Narr vi | 06/13/07
I'm not following...  Ryan NaraineZDNet Moderator | 06/13/07
followup  Narr vi | 06/14/07
The Article was clear enough  Freebird54 | 06/16/07
??  Ryan NaraineZDNet Moderator | 06/13/07
response  Narr vi | 06/13/07
This clearly shows the different environments...  Qbt | 06/13/07
Ok Now  Shelendrea | 06/13/07
But think about this  Qbt | 06/13/07

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
Click Here

Recent Entries

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
The more you simplify, the more you save
When you transition from your existing Red Hat environment to SUSE Linux Enterprise from Novell, you can recognize dramatic cost savings, perhaps as much 50%
Learn more >>
Keep Up With The Latest In Document Management with The DocuMentor.
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
Learn more >>
Reduce risk. Reduce complexity. Increase reliability.
A simplified IT environment isn't just less complex. It's also more reliable. Standardize on a single Linux platform with SUSE Linux Enterprise from Novell, and get the world's most interoperable Linux
Learn more >>
The best support in the Linux business
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
Learn more >>
The best support in the Linux business
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
Learn more >>
Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
Learn more about the free, six-month trial offer>>
advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

  • Smart Tech Expert advice on innovations in healthcare and the green technologies that make it happen. Find out more
  • Smart Business Discussion and advice on management issues that revolve around making your world smarter and more useful. More Smart Advice
  • Smart People The best and worst moves in the management and strategy trenches. Learn More