Educause Security Discussion mailing list archives

Re: IE and Secunia SA12889


From: Gary Flynn <flynngn () JMU EDU>
Date: Tue, 11 Jan 2005 17:44:15 -0500

Gary Dobbins wrote:

> Has anyone had unusual concerns [more than usual]

No more than usual. IE has had several of these
found in the past year with no patches available.

I'm to the point I don't trust any browser with
scripting enabled to safely traverse the net.

> about the IE
> vulnerability recently described on Secunia:
> http://secunia.com/advisories/12889/

I believe, but am not sure, that the Help related
problem was addressed with the MS05-001 update
released today.

Notice I didn't say fixed because the update just
appears to disable existing functionality that is
evidently unsafe to expose to untrusted web sites.
http://www.microsoft.com/technet/security/Bulletin/MS05-001.mspx

Some web apps will be affected. The "fix" is to re-enable
the functionality. One must be very careful that it is
re-enabled only for the most trusted sites.
http://support.microsoft.com/kb/892675

> "Some vulnerabilities have been discovered in Internet Explorer, which can
> be exploited by malicious people to compromise a user's system, conduct
> cross-site/zone scripting and bypass a security feature in Microsoft
> Windows XP SP2."

> Some have indicated it's exploitable without user intervention upon
> arriving at a hostile site.

As have been many others over the past year or two and
subsequently used for drive-by installations of spyware
and worse.

A somewhat dated graph of IE exploit activity we see
here is at:
http://www.jmu.edu/computing/security/info/ie-exploit.shtml

The newer HTML Help related exploit activity picked up a
couple weeks ago. Small graph attached. Not sure if it will
make it through the list.

--
Gary Flynn
Security Engineer
James Madison University
