• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • Daily Security Bytes
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

IE Cumulative Patch Fixes Three New Security Flaws

December 13, 2011 By Corey Nachreiner

Severity: Medium

Summary:

  • This vulnerability affects: All current versions of Internet Explorer, running on all current versions of Windows
  • How an attacker exploits it: Typically, by enticing one of your users to visit a malicious web page
  • Impact: Various, in the worst case an attacker can execute code on your user’s computer, gaining complete control of it
  • What to do: Deploy the appropriate Internet Explorer patches immediately, or let Windows Automatic Update do it for you

Exposure:

In a security bulletin released today as part of Patch Day, Microsoft describes three new vulnerabilities in Internet Explorer (IE) 9.0 and earlier versions, running on all current versions of Windows. Microsoft rates the aggregate severity of these new flaws as Important.

The most severe of these three new IE vulnerabilities is another insecure Dynamic Link Library (DLL) loading vulnerability, similar to the ones we’ve described in many previous Microsoft alerts. In a nutshell, this class of flaw involves an attacker enticing one of your users into opening some sort of booby-trapped file from the same location as a specially crafted, malicious DLL file. If you do open the booby-trapped file, it will execute code in the malicious DLL file with your privileges. If you have local administrative privileges, the attacker could exploit this type of issue to gain complete control of your computer. In this particular case, the vulnerability is triggered specifically by HTML files.

In most cases, an attacker would have trouble exploiting this insecure library loading vulnerabilities over a network, or the Internet. Typically, they’d have to entice you to download and save both an HTML and DLL file to your desktop, then open the HTML file, which significantly mitigates the risk of the attack. Theoretically, an attacker could exploit it over a network using UNC or WebDAV locations if then can convince you to add these locations to your Windows PATH. However, that is unlikely as well.

The remaining vulnerabilities consists of a less severe Cross-Site or Cross-Domain Scripting (XSS) flaw and another information disclosure issue. Among other things, an attacker might leverage the XSS vulnerability to view information (such as cookies) from another domain or site, which he shouldn’t have access to; or to execute scripts with another domain or sites privileges. Keep in mind, today’s attackers commonly hijack legitimate web pages and booby-trap them with malicious code. Typically, they do this via hosted web ads or through SQL injectionand XSS attacks. Even recognizable and authentic websites could pose a risk to your users if hijacked in this way.

Solution Path:

These patches fix serious issues.You should download, test, and deploy the appropriate IE patches immediately, or let Windows Automatic Update do it for you.

  • Internet Explorer 6.0
    • For Windows XP (w/SP3)
    • For Windows XP x64 (w/SP2)
    • For Windows Server 2003 (w/SP2)
    • For Windows Server 2003 x64 (w/SP2)
    • For Windows Server 2003 Itanium (w/SP2)
  • Internet Explorer 7.0
    • For Windows XP (w/SP3)
    • For Windows XP x64 (w/SP2)
    • For Windows Server 2003 (w/SP2)
    • For Windows Server 2003 x64 (w/SP2)
    • For Windows Server 2003 Itanium (w/SP2)
    • For Windows Vista (w/SP1 or SP2)
    • For Windows Vista x64 (w/SP1 or SP2)
    • For Windows Server 2008 (w/SP2) *
    • For Windows Server 2008 x64 (w/SP2) *
    • For Windows Server 2008 Itanium (w/SP2)
  • Internet Explorer 8.0
    • For Windows XP (w/SP3)
    • For Windows XP x64 (w/SP2)
    • For Windows Server 2003 (w/SP2)
    • For Windows Server 2003 x64 (w/SP2)
    • For Windows Vista (w/SP1 or SP2)
    • For Windows Vista x64 (w/SP1 or SP2)
    • For Windows Server 2008 (w/SP2) *
    • For Windows Server 2008 x64 (w/SP2) *
    • For Windows 7 (w/SP1)
    • For Windows 7 x64 (w/SP1)
    • For Windows Server 2008 (w/SP1)
    • For Windows Server 2008 x64 (w/SP1)
  • Internet Explorer 9.0
    • For Windows Vista (w/SP2)
    • For Windows Vista x64 (w/SP2)
    • For Windows Server 2008 (w/SP2) *
    • For Windows Server 2008 x64 (w/SP2) *
    • For Windows 7 (w/SP1)
    • For Windows 7 x64 (w/SP1)
    • For Windows Server 2008 x64 (w/SP1) *

* Server Core installations NOT affected

For All WatchGuard Users:

These attacks travel as normal-looking HTTP traffic, which you must allow if your network users need to access the World Wide Web. Therefore, the patches above are your best solution.

Status:

Microsoft has released patches to fix these vulnerabilities.

References:

  • MS Security Bulletin MS11-099

This alert was researched and written by Corey Nachreiner, CISSP.

Share This:

Related

Filed Under: Security Bytes Tagged With: Internet Explorer, Microsoft

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • USA’s Answer to GDPR
  • Rolling PWN

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Private Sector Offensive Actors
  • USA’s Answer to GDPR
  • Rolling PWN
  • Over a Billion Records Leaked in Shanghai National Police Database Hack
  • LockBit Ransomware Group Introduces Bug Bounties and More
View All

Search

Archives

Copyright © 2022 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use