http://www.infoworld.com/article/04/...Niehole_1.html
New Explorer hole could be devastating
Browser users could be fooled into downloading executable files
To run test click here --> http://secunia.com/Internet_Explorer...Spoofing_Test/
A security hole in Microsoft Corp.’s Internet Explorer could prove devastating. Following the exposure of a vulnerability in Windows XP earlier this week, “http-equiv” of Malware has revealed that Explorer 6 users (and possibly users of earlier versions) could be fooled into downloading what look like safe files but are in fact whatever the author wishes them to be -- including executables.
A demonstration of the hole is currently on security company Secunia’s website and demonstrates that if you click on a link, and select “Open” it purports to be downloading a pdf file whereas in fact it is an HTML executable file.
It is therefore only a matter of imagination in getting people to freely download what could be an extremely dangerous worm -- like, for instance, the Doom worm currently reeking havoc across the globe.
However what is more worrying is that this hole could easily be combined with another Explorer spoofing problem discovered in December.
The previous spoofing problem allowed Explorer users to think they were visiting one site when in fact they were visiting somewhere entirely different. The implications are not only troublesome, but Microsoft’s failure to include a fix for the problem in its January patches has led many to believe it cannot be prevented.
If the same is true for this spoofing issue, then it will only be a matter of time before someone who thinks they are visiting one website and downloading one file will in fact be visiting somewhere entirely different and downloading whatever that site’s owner decides.
We also have reason to believe there is no fix. It may be that today’s flaw is identical to one found nearly three years ago by Georgi Guninski in which double-clicking a link in Explorer led you to believe you were downloading a text file but were in fact downloading a .hta file.
In both cases, the con is created by embedding a CLSID into a file name. CLSID is a long numerical string that relates to a particular COM (Component Object Model) object. COM objects are what Microsoft uses to build applications on the Internet. By doing so, any type of file can be made to look like a “trusted” file type i.e. text or pdf.
Guninski informed Microsoft in April 2001. The fact that the issue has been born afresh suggests rather heavily that the software giant has no way of preventing this from happening.
So how bad could it get? Just off the top of our heads -- suppose someone set up a fake Hutton Inquiry site today with a link to the report’s summaries -- how many people across the U.K. would download a worm this afternoon? And imagine the computers it would end up on.
The possibilities are endless, and since both spoof issues appear to be unfixable, it must surely place a big question mark over Explorer’s viability as a browser.
The advice is to avoid this latest hole is always save files to a folder and then look at them. On your hard drive, the file’s true nature is revealed. But this advice is nearly as practical as Microsoft telling users not to click on links to avoid being caught out by the previous spoof problem.
All in all, it does not look good. Not good at all.
Life Is One Big Ass Orgy. Either You're F**king or Getting F**ked....or Being Mentally Sedated By A Date-Rapist And Just Don't Know It.
Model Your Govenment After The Us, The United States, China. Given Enough Time "Free" People Will Repress Themselves.
Democrat. Republican. Freedom???
Yeah, Riight.
Sell That Shit To The Flag-Wavers.
Fuck a Government.
All Governments Are Repressive.
Thanks for the heads-up. I use Mozilla only.
Never even touch IE besides Windows updates and the occasional website.
Ohh, the wonderful world of Windows.
Unfixable? No no, they can be fixed by using Mozilla/Firebird. :;)both spoof issues appear to be unfixable
Not to spam, (well, ok, i guess i am a bit), but that's why I'd say choose something different from IE. Opera (www.opera.com), or, my personal favorite, Mozilla Firebird (www.mozilla.org). Anything's better then software that has this many security flaws.
maybe they need to make a program called BARS on WiNDOWS.. so no one can throw anything in, or get out of the operating systems =) MICROSOFT needs my thinking.
I use Firebird too. And after reading this, I'm very happy about it.
seriously, ever1 still using IE instead of mozilla, firebird, opera or, deserves what he/she gets. its old news that IE sucks donkeyballs. so theres absolutely no excuse if your getting spoofed.
"ORGANIZED RELIGION is the worst thing that ever happened to mankind. Period." - Anonymous @ MegaGames Board
Posting Permissions
Reply With Quote
Bookmarks