
Active Scripting

iDefense Security Advisory 08.14.07: Microsoft XML Core Services XMLDOM Memory Corruption Vulnerability

Explorer 6.x on Windows XP SP2. It is suspected that other versions are
also affected.

V. WORKAROUND

Disable active scripting, if it is not necessary for daily operations,
using the following steps.

  1. In IE, click on Tools and select Internet Options from the
drop-down menu.
  2. Click the Security tab and the Custom Level button.

iDefense Security Advisory 08.06.09: Microsoft Internet Explorer HTML TIME 'ondatasetcomplete' Use After Free Vulnerability

be vulnerable.

V. WORKAROUND

Since this vulnerability is triggered through script code, disabling
Active Scripting will prevent the exploitation of this vulnerability.

VI. VENDOR RESPONSE

Microsoft Corp. has released an Out-Of-Band patch which addresses this
issue. Information about downloadable vendor updates can be found by

CORE-2008-0826 - Internet Explorer Security Zone restrictions bypass

   . Use Internet Explorer's Protocol Lockdown feature control to
restrict the "file" protocol to prevent HTML from UNC path to run script
or ActiveX controls.
   . Set the Security Level setting for the Internet and Intranet Zones
to High to prevent IE from running scripts or ActiveX controls.
   . Manually disable Active Scripting for the Internet and Intranet
Zone with a custom security setting.
   . Only run IE in Protected Mode if it is available on the operating
system.
   . Use a different web browser to navigate untrusted web sites.


iDefense Security Advisory 04.12.11: Microsoft Internet Explorer Use-After-Free Memory Corruption Vulnerability

Internet Explorer versions 6 and 7 are vulnerable.

V. WORKAROUND

Since the vulnerability is triggered through JavaScript, disabling
Active Scripting will prevent the exploitation of this vulnerability.

VI. VENDOR RESPONSE

Microsoft Corp. has released patches which address this issue.
Information about downloadable vendor updates can be found by clicking

CSIS-RI-0003: Multiple buffer overflow vulnerabilities in HP ActiveX

We have discovered eight different vulnerabilities of which five should be considered highly critical since they allow remote code execution.

At least five of these vulnerabilities have been confirmed to work in a typical drive-by scenario. All it takes to exploit is to lure a user into visiting a hostile and specifically crafted website. The attack could also be done through SQL and HTML injection. This would allow, if the system is found vulnerable, to run arbitrary code and take complete control of the system or at least with the privileges of the logged on user. In order for this scenario to work it would only require one of the affected ActiveX objects to be installed and Active scripting to be enabled in Microsoft Internet Explorer, which it is by default.

The vulnerability was discovered and reported by Dennis Rand from CSIS Security Group.


CORE-2009-0625: Internet Explorer Dynamic OBJECT tag and URLMON sniffing vulnerabilities

Lockdown may affect the functionality of Web applications that rely on
relaxed security configurations of IE.
   . Set the Security Level setting to High for the Internet and Local
Intranet security zones to prevent IE from running scripts or ActiveX
controls.
   . Disable Active Scripting for the Internet and Local Intranet zones
manually with a custom security setting.
   . Use a different web browser to navigate untrusted web sites.

Additionally, disabling file sharing if it is not necessary and
filtering outbound SMB connections at the endpoint or network perimeter

CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability

for vendor:
   Do a full coverage Code Audit or Code Review

for client:
The following workarounds are available for this vulnerability:
     * Disable Active Scripting
     * Unregister the vulnerable control
     * Set the killbit for the vulnerable control
     * or update the software from http://www.bluesky.cn



iDefense Security Advisory 12.08.09: Microsoft Internet Explorer HTML Layout Engine Uninitialized Memory Vulnerability

Explorer versions 6 and 7. Internet Explorer versions 5 and 8 do not
appear to be affected.

V. WORKAROUND

Disabling Active Scripting will prevent this vulnerability from being
exploited.

VI. VENDOR RESPONSE

Microsoft Corp. has released a patch which addresses this issue.

iDefense Security Advisory 02.12.08: Microsoft Internet Explorer Property Memory Corruption Vulnerability

7.0, with all available security patches as of October 22nd, 2007, are
vulnerable. Older versions of Internet Explorer may also be vulnerable.

V. WORKAROUND

Disabling active scripting for the Internet Zone can effectively
mitigate this issue.

VI. VENDOR RESPONSE

Microsoft has officially addressed this vulnerability with Security

iDefense Security Advisory 12.11.07: Microsoft Internet Explorer JavaScript setExpression Heap Corruption Vulnerability

and Internet Explorer 7.0 with all available security patches are
vulnerable. Older versions of Internet Explorer may also be vulnerable.

V. WORKAROUND

Disable Active Scripting (JavaScript) to prevent exploitation of this
issue. Applying this workaround will prevent proper rendering of web
sites that rely on JavaScript.

VI. VENDOR RESPONSE




Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
