Information Security News: Microsoft rushes to fix IE kill-bit bypass attack

[InfoSec News <alerts () infosecnews org>]

http://www.computerworld.com/s/article/9135950/Microsoft_rushes_to_fix_IE_kill_bit_bypass_attack?taxonomyId=17

By Robert McMillan
IDG News Service 
July 27, 2009 

Microsoft has been forced to issue emergency patches for its Windows 
operating system after researchers discovered a way to bypass a critical 
security mechanism in the Internet Explorer browser.

During a Wednesday talk at this week's Black Hat conference in Las 
Vegas, researchers Mark Dowd, Ryan Smith and David Dewey will show a way 
of bypassing the 'kill-bit' mechanism used to disable buggy ActiveX 
controls. A video demonstration posted by Smith shows how the 
researchers were able to bypass the mechanism, which checks for ActiveX 
controls that are not allowed to run on Windows. They were able to then 
exploit a buggy ActiveX control in order to run an unauthorized program 
on a victim's computer.

Although the researchers have not revealed the technical details behind 
their work, this bug could be a big deal, giving hackers a way of 
exploiting ActiveX problems that were previously thought to have been 
mitigated via kill-bits.

"It's huge because then you can execute controls on the box that weren't 
intended to be executed," said Eric Schultze, chief technology officer 
with Shavlik Technologies. "So by visiting an evil Web site [criminals] 
can do anything they want even though I've applied the patch. "

[...]


_______________________________________________      
Attend Black Hat USA, July 25-30 in Las Vegas, 
the world's premier technical event for ICT security experts.
Network with 4,000+ delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com