Microsoft IE Scripting vulnerability > Forums

Unanswered

Active Topics

Forums

Forums > Viruswarning Forum > Viruswarning archive

Subject: Microsoft IE Scripting vulnerability

Email me when someone replies to this thread.

You are not authorized to post a reply.

Author

Messages

Lee Drake
Posts:238

06/16/2004 12:11 PM
What it is Microsoft Internet Explorer has a vulnerability which would allow a malicious web page to install software or run code of it's choice on your computer. There is NO PATCH at this time for this vulnerability. Although you cannot at this time automatically run a web page in Outlook or Outlook Express if the security zone is set to restricted - you could click on a link in an email that took you to another page that exploits this vulnerability on the internet. What should you do? The only remedy at this time is to avoid running scripting on websites (disable or limit scripting in your browser). This may cause some websites not to work. Until Microsoft announces a patch for this problem we advise that you either disable active scripting (see instructions below) or be very careful about what sites you visit - especially unsolicited links in emails or spam. The site 180Solutions for instance (please DO NOT visit this site) installs spyware on your machine using the vulnerability. Using a program such as Spybot Search and Destroy (now out in a new version) or good antivirus software will help to mitigate the risk, but a patch is really the only long term answer. If you only visit sites KNOWN TO BE GOOD you do not need to disable active scripting at this time. To disable active scripting: Run Internet Explorer Choose Tools/Internet options and click on the security tab Click on the Internet Zone Select Custom level, change the security setting to HIGH on this pulldown Click the RESET button, you will be prompted with an "ok to confirm" Scroll through the settings and change the following items: Script ActiveX controls marked safe for scripting: Disable or Prompt - prompt will pop up a prompt allowing you to choose whether to run the script or not Java Permissions - Choose Disable or Prompt If you don't have Java and are using Microsoft VM - Disable or Prompt Active Scripting - Disable or Prompt Click OK to save these changes Note that setting these settings to disabled will make many sites that rely on tools such as Flash to not operate properly. Setting them to Prompt will enable you to at least CHOOSE whether you want to run the script or not (but makes browsing more tedious due to the pop-up message boxes). To set back again - go through these steps and set the various modes back to enabled, ONLY AFTER you have patched the system At this time there are known websites exploiting this vulnerability to install spyware - but no known internet worms or viruses other than spyware. Further references Instructions for disabling Active Scripting: http://www.cert.org/tech_tips/malicious_code_FAQ.html#steps CERT Information about the vulnerability: http://www.us-cert.gov/cas/techalerts/TA04-163A.html Microsoft note on strengthening internet explorer security: http://support.microsoft.com/default.aspx?scid=833633 Technical information from CERT on this vulnerability: http://www.kb.cert.org/vuls/id/713878 Lee Drake Aztek Computer Solutions, Inc. 274 N. Goodman St. Ste B269 Rochester, NY 14607 the human side of computing Email: ldrake@azcomputer.net Web: www.azcomputer.net Office Phone: 585-242-2060 Fax number: 585-242-9441 Cell number: 585-509-0284

You are not authorized to post a reply.

Forums > Viruswarning Forum > Viruswarning archive > Microsoft IE Scripting vulnerability

ActiveForums 3.6