Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: * Internet Explorer 0-day exploit - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
* Internet Explorer 0-day exploit
the UK group "Computer Terrorism" released a proof of concept exploit against patched versions of Internet Explorer. We verified that the code is working on a fully patched Windows XP system with default configuration.

The bug uses a problem in the javascript 'Window()' function, if run from 'onload'. 'onload' is an argument to the HTML <body> tag, and is used to execute javascript as the page loads.

Impact:
Arbitrary executables may be executed without user interaction. The PoC demo as tested by us will launch the calculator (calc.exe).

Mitigation:
Turn off javascript, or use an alternative browser (Opera, Firefox). If you happen to use Firefox: This bug is not affecting firefox. But others may. For firefox, the extnion 'noscript' can be used to easily allow Javascript for selected sites only.

Open Questions:
We are not sure if paramters can be passed to the executable. If so, the issue would be much more severe.

Please monitor this diary for updates.

I will be teaching next: Defending Web Applications Security Essentials - SANS Security West 2019

Johannes

3507 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!