Herrline
15th April 2004, 18:15
have a gander at this m8s, if any are inteligent enough to carry out these instructions you may like to do it as there is no update for the vunrability as yet. it came from panda spftware which is an internet virus and other stuff co.
- Vulnerability in the Internet Explorer ITS protocol handler -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)
Madrid, April 13, 2004 - US-CERT has reported -at http://www.us-cert.gov/cas/techalerts/TA04-099A.html - a security flaw in Microsoft Internet Explorer (IE) that could allow an attacker to run arbitrary code with the privileges of the user of the browser.
This vulnerability, which allows an attacker to read and handle data on websites in other domains or zones, lies in how ITS protocol handlers determine the security domain of an HTML component stored in a Compiled HTML Help (CHM) file. The HTML Help system uses the underlying components of Microsoft Internet Explorer.
This security flaw arises when Internet Explorer references an inaccessible or non-existent MHTML file using the ITS and mhtml protocols. As a result, the ITS protocol tries to access the CHM file from an alternate source. The browser treats the CHM file incorrectly, treating it as if it were in the same domain as the unavailable MHTML file. If a specially crafted URL is used in this context, an attacker can cause arbitrary script in a CHM file to be run in a different domain, violating the cross-domain security model.
Internet Explorer, Outlook and Outlook Express are affected by this vulnerability, which can also affect any program that uses the WebBrowser ActiveX Control or the IE HTML rendering engine. At the moment, a solution is not available for this security flaw, and therefore, until a patch is released, it is recommendable to disable ITS protocol handlers by deleting or renaming the following registry keys: ms-its,ms-itss,its,mk, in: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Hand ler\
NOTE: The address above may not show up on your screen as a single line. This would prevent you from using the link to access the web page. If this happens, just use the 'cut' and 'paste' options to join the pieces of the URL.
------------------------------------------------------------
The 5 viruses most frequently detected by Panda ActiveScan, Panda Software's free online scanner: 1) Netsky.P; 2) Netsky.D; 3) Netsky.B; 4) Nachi.B; 5) Downloader.L.
i hope this may be of use to some, take care |bookworm| |smokin| |beer|
- Vulnerability in the Internet Explorer ITS protocol handler -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)
Madrid, April 13, 2004 - US-CERT has reported -at http://www.us-cert.gov/cas/techalerts/TA04-099A.html - a security flaw in Microsoft Internet Explorer (IE) that could allow an attacker to run arbitrary code with the privileges of the user of the browser.
This vulnerability, which allows an attacker to read and handle data on websites in other domains or zones, lies in how ITS protocol handlers determine the security domain of an HTML component stored in a Compiled HTML Help (CHM) file. The HTML Help system uses the underlying components of Microsoft Internet Explorer.
This security flaw arises when Internet Explorer references an inaccessible or non-existent MHTML file using the ITS and mhtml protocols. As a result, the ITS protocol tries to access the CHM file from an alternate source. The browser treats the CHM file incorrectly, treating it as if it were in the same domain as the unavailable MHTML file. If a specially crafted URL is used in this context, an attacker can cause arbitrary script in a CHM file to be run in a different domain, violating the cross-domain security model.
Internet Explorer, Outlook and Outlook Express are affected by this vulnerability, which can also affect any program that uses the WebBrowser ActiveX Control or the IE HTML rendering engine. At the moment, a solution is not available for this security flaw, and therefore, until a patch is released, it is recommendable to disable ITS protocol handlers by deleting or renaming the following registry keys: ms-its,ms-itss,its,mk, in: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Hand ler\
NOTE: The address above may not show up on your screen as a single line. This would prevent you from using the link to access the web page. If this happens, just use the 'cut' and 'paste' options to join the pieces of the URL.
------------------------------------------------------------
The 5 viruses most frequently detected by Panda ActiveScan, Panda Software's free online scanner: 1) Netsky.P; 2) Netsky.D; 3) Netsky.B; 4) Nachi.B; 5) Downloader.L.
i hope this may be of use to some, take care |bookworm| |smokin| |beer|