Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
AOC CU34G2X monitor review
TeamGroup CX2 1TB SATA3 SSD review
EVGA GeForce RTX 3070 FTW3 Ultra review
Corsair 5000D PC Chassis Review
NZXT Kraken X63 RGB Review
ASUS Radeon RX 6900 XT STRIX OC LC Review
TerraMaster F5-221 NAS Review
MSI Radeon RX 6800 XT Gaming X TRIO Review
Sapphire Radeon RX 6800 NITRO+ review
Corsair HS70 Bluetooth Headset Review

New Downloads
Prime95 download version 30.4 build 7
AIDA64 Download Version 6.32.5620 beta
3DMark Download v2.16.7117 + Time Spy
Crystal DiskMark 8.0.1 Download
Corsair Utility Engine Download (iCUE) Download v3.37.140
ReShade download v4.9.1
GeForce 461.09 WHQL driver download
Intel HD graphics Driver Download Version: DCH 27.20.100.9126
HWiNFO Download v6.41–4345 Beta
MSI Afterburner 4.6.3 Beta 4 Download


New Forum Topics
Radeon Adrenalin Edition 20.12.1 driver download & disccussion Best Driver for 1050 Ti Nvidia GeForce Driver Version 461.09 Download & Discussion Review: EVGA GeForce RTX 3070 FTW3 Ultra Failed/Bad Asrock Phantom Radeon 6800? New GPU or wait? Intels new CEO Pat Gelsinger welcome package is valued at $116 million NVIDIA and AMD Graphics card shortages to last thoughout H1 2021 Does a really good silent video card exist? Samsung Introduces Consumer SATA SSD Series, the 870 EVO




Guru3D.com » News » IE Zero day Vulnerability. Work arounds available.

IE Zero day Vulnerability. Work arounds available.

by Watcher on: 12/15/2008 06:29 AM | source: | 0 comment(s)

Microsoft issued a security advisory with workarounds for dealing with hacker attacks targeting a zero-day flaw in Internet Explorer 7. Users await word as to when to expect a patch or an update to fix the IE 7 browser security issue.

Microsoft has issued an advisory to help users deal with a zero-day flaw affecting Internet Explorer.

In an update, Microsoft stated the flaw affects not only Internet Explorer (IE) 7 as originally thought, but also versions 5 and 6. However, as of Dec. 11, Microsoft had only seen attacks against IE 7. "The vulnerability exists as an invalid pointer reference in the data binding function of Internet Explorer," according to Microsoft. "When data binding is enabled (which is the default state), it is possible under certain conditions for an object to be released without updating the array length, leaving the potential to access the deleted object's memory space. This can cause Internet Explorer to exit unexpectedly, in a state that is exploitable."

The vulnerability itself is a memory corruption error in the handling of DHTML data bindings. The attacker does a "heap spray" and then an invalid pointer dereference in an array of data binding objects. They don't exactly give proof of concept code, but this is more than they usually say.

The workarounds fall into three classes, those that:

    (A) block access to the vulnerable code in MSHTML.dll via OLEDB, protecting against current attacks
    (B) apply the most secure configuration against this specific vulnerability.
    (C) make it much harder to heap spray.

Workaround A B C
1. Set Internet and Local intranet security zone settings to "High" to prompt before running ActiveX Controls and Active Scripting in these zones
X X
2. Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone
X X
3. Restrict Internet Explorer from using OLEDB32.dll with an Integrity Level ACL X

4. Disable Row Position functionality of OLEDB32.dll X

5. Unregister OLEDB32.DLL X

6. Use ACL to disable OLEDB32.DLL X

7. Enable DEP for Internet Explorer 7 on Windows Vista and on Windows Server 2008

X
8. Disable Data Binding support in Internet Explorer 8 X X

The (A) workarounds, are more desirable because they disable the least functionality, and some of them are very targeted. The (B) workarounds, if you ask me, may be necessary but are undesirable. Breaking scripting breaks a lot of software and prompting for it is of dubious value because users won't know which prompts to say yes to. The only (C) entry that's really interesting is to enable DEP and you should do that irrespective of this issue. Microsoft recommends one from column (A) and, to be really comprehensive, one from column (B). I guess they have to say this.

More here.







« The Dark Knight selling 600,000 Blu-ray copies in first week · IE Zero day Vulnerability. Work arounds available. · AMD Athlon X2 7750 BE review [Guru3D] »


Guru3D.com © 2021