two
Volume 3, Number 34 -- October 4, 2006

IE Flaw Spawns Web Attacks, Another Third-Party Patch

Published: October 4, 2006

by Alex Woodie

The newly discovered "WebViewFolderIcon" flaw in Internet Explorer is being used to launch attacks and spread malware on the Internet, Microsoft warned in a security advisory last week. And for the second week in a row, the group of researchers calling themselves the Zeroday Emergency Response Team (ZERT) has released a patch that purportedly fixes the problem.

According to Microsoft Security Advisory 926043, exploit code is currently available on the Web for the newly found buffer overflow vulnerability in WebViewFolderIcon, which opens the door for attackers to install malware or take control of systems when users try to open a malformed ActiveX control in Windows 2000, Windows XP, and Windows Server 2003.

Malformed Web sites are the most likely form of distribution for vectors using this flaw, which is called "setSlice" by some security organizations. It has been estimated that 600 Web sites are infected or will soon be serving malformed ActiveX controls utilizing the WebViewFolderIcon. Windows Server 2003 users are not as susceptible to infection because ActiveX for IE is disabled by default, the software giant says.

Microsoft is working on a patch, and expects to have it ready by the October 10 "Patch Tuesday" event, which is less than a week away.

However, ZERT appears to have beat Microsoft at the patch game for the second week in a row. The group updated its ZProtector product to guard users against the new vulnerability; it can be downloaded at the group's Web site at zert.isotf.org .

Another third-party patch was issued by Determina, a security software company based in Redwood City, California. The company's free product "The Shield" will protect users against the exploit code on all versions of Windows, and won't interfere with the official Microsoft patch when it becomes available, the company says.

As is the case with all third-party patches, Microsoft doesn't sanction their use, and recommends that users hold tight until it can fully test its patch and release it with confidence.


RELATED STORIES

Microsoft Issues Out-of-Cycle Patch for VML Flaw

Microsoft Patches WMF Flaw Early, Issues Two Additional Patches

Sponsored By
MICRO FOCUS

Lift and Shift . . .
your mainframe and proprietary COBOL applications to Linux . . .
and dramatically lower your hardware and software costs, while increasing your agility.

Eliminate the cost and risks of a rewrite by reusing and integrating your existing COBOL applications with Web services, XML and J2EE.

Develop, extend and deploy your applications with
Micro Focus Server Express and Enterprise Server.

Learn more at:
www.microfocus.com/products/serverexpress
Editor: Alex Woodie
Contributing Editors: Dan Burger, Joe Hertvik,
Shannon O'Donnell, Timothy Prickett Morgan
Publisher and Advertising Director: Jenny Thomas
Advertising Sales Representative: Kim Reed
Contact the Editors: To contact anyone on the IT Jungle Team
Go to our contacts page and send us a message.

Sponsored Links

Vision Solutions:  Get facts on managed availability and business continuity to eliminate downtime
Wolf Computer Consulting:  Reliable service and affordable rates for business computing needs
COMMON:  Join us at the Spring 2007 conference, April 29 - May 3, in Anaheim, California

 
THIS ISSUE SPONSORED BY:

OpenLogic
MKS
World Data Products
Lakeview Technology
Micro Focus



TABLE OF CONTENTS
Microsoft Boosts PC Management with DesktopStandard Buy

EC Widens Vista Probe as Microsoft Appeals Fine

Intel Previews Quad-Core Chips, Talks Up Massively Cored RISC

Top 10 Requirements for High Availability

But Wait, There's More:

IE Flaw Spawns Web Attacks, Another Third-Party Patch . . . Beta Starts for New Microsoft Security Product . . . VMware Extends ESX Server to 64 Bits, Betas New P2V Converter . . . MaintenanceNet Launches Campaign Manager . . . Microsoft Research Celebrates 15th Birthday . . . Microsoft Promotes Boit to Boost Partner Solutions . . .

The Windows Observer

BACK ISSUES

The Four Hundred
Bang for the Buck: Big Iron Boxes, Even Bigger Bucks

Shearer Talks Up the Strengths of the System i

Chip Makers Embrace Co-Processors, Again

COMMON is Fun Again

The Linux Beacon
Intel Previews Quad-Core Chips, Talks Up Massively Cored RISC

Red Hat's Q2 Profit Drop Disappoints Wall Street

OpenSparc Project Taps Advisory Board, Sees Linux Momentum

Chip Makers Embrace Co-Processors, Again

Big Iron
A Joint Assault on the Mainframe Hardware Market

Top Mainframe Stories and Vendor Announcements

Chats, Webinars, Seminars, Shows, and Other Happenings

The Unix Guardian
Intel Previews Quad-Core Chips, Talks Up Massively Cored RISC

Chip Makers Embrace Co-Processors, Again

IBM to Try Selling Technical Services as Products

As I See It: Pretexting


 
Subscription Information:
You can unsubscribe, change your email address, or sign up for any of IT Jungle's free e-newsletters through our Web site at http://www.itjungle.com/sub/subscribe.html.

Copyright © 1996-2008 Guild Companies, Inc. All Rights Reserved.
Guild Companies, Inc., 50 Park Terrace East, Suite 8F, New York, NY 10034

Privacy Statement