[ISN] Microsoft probes report of IE flaw

InfoSec News isn at c4i.org
Thu Sep 29 00:27:33 EDT 2005


By Joris Evers 
Staff Writer, CNET News.com
September 28, 2005

A new flaw in Internet Explorer could be exploited to launch
spoof-based attacks, or access and change data on vulnerable PCs,
security experts have warned.

The problem lies in the way Microsoft has implemented a JavaScript
component in its Web browser, security researcher Amit Klein wrote in
a research document. Internet Explorer does not validate some data
fields provided by a PC when the component, called XmlHttpRequest, is
used, he wrote.

The vulnerability could be exploited with specially crafted code. An
attacker could spoof a legitimate Web site, access data from the Web
browser's cache or stage a so-called man-in-the-middle attack, which
taps into traffic between a user and another Web site, according to
Klein's write-up.

Fully-patched computers running Windows XP with Service Pack 2 and
Internet Explorer 6.0 are vulnerable to this issue, security
monitoring company Secunia said in an advisory. Secunia rates the
problem as "moderately critical" but says people can avoid the risk by
setting the security level in IE to "high."

Microsoft is investigating the vulnerability report, a company
representative said in a statement. The software maker is not aware of
any attacks that take advantage of the flaw, the representative said.  
Upon completion of the investigation, Microsoft may provide a security
update or emergency fix.

Microsoft is unhappy about the way the problem was
disclosed. The company urges security researchers to report problems
in its products privately so it can provide a fix. "This public
disclosure potentially puts computer users at risk," the Microsoft
representative said.

Over the last few weeks, several security researchers have come forward
with flaws in Internet Explorer, which is part of Windows. Some of
these vulnerabilities could let an intruder gain control of a user's
PC. Microsoft initially planned to release at least one patch for
Windows earlier this month but pulled it because of quality issues.

Secunia has published 86 security advisories on IE, of which 20 are
currently marked "unpatched" in the Secunia database.
