Feeds

Really critical hole in Microsoft Web software

Unchecked buffer

  • alert
  • submit to reddit

Build a business case: developing custom apps

ComputerWire: IT Industry Intelligence

Just one day after raising the threshold beyond which it considers security vulnerabilities "critical", Microsoft Corp released a security advisory saying there is a "critical" hole in its browsers and web servers that could cause serious problems, even if it is patched.

There is an unchecked buffer in Microsoft Data Access Components (MDAC) prior to version 2.7, the company said. MDAC is a "ubiquitous" technology used in Internet Explorer and the IIS web server. The buffer can be overrun with a malformed HTTP request, allowing arbitrary code to be executed on the target machine.

"This vulnerability is rated critical because an attacker could take over an IIS server or an Internet Explorer client and run code," Microsoft warned. "Any IIS server with MDAC and all Internet Explorer clients should apply the patch immediately."

Since Tuesday, Microsoft has defined "critical" as: "A vulnerability whose exploitation could allow the propagation of an internet worm without user action." This suggests this latest vulnerability could give rise to a virus as dangerous as Code Red, which spread to thousands of IIS servers last year.

To make matters worse, it is currently possible to make patched systems vulnerable again, Microsoft said.

Normally, when an ActiveX control is vulnerable to an attack, Microsoft's patch merely delivers a new, invulnerable control and sets a "Kill Bit" on the old one. Controls with set Kill Bits cannot be invoked by Internet Explorer. However, in this case it is not possible to set the Kill Bit without rendering countless web sites unreadable, Microsoft said.

A malicious attacker would be able to reintroduce the vulnerable control with just a specially HTML document. Users that have their browsers configured to trust Microsoft-signed ActiveX controls by default would have the vulnerability reintroduced without their knowledge.

Without a hint of irony, the company recommends removing "Microsoft" from IE's Trusted Publisher list (accessible via IE's Internet Options menu), in order to prompt a warning whenever a Microsoft-signed ActiveX control attempts to install itself. The company is working on a more permanent fix.

© ComputerWire

Endpoint data privacy in the cloud is easier than you think

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?