[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Microsoft Explorer security hole (fwd)



please publish the exploit.

many many thanks in advance

igor

Ben Holiday wrote:
> 
> 
> 
> ---------- Forwarded message ----------
> Date: Mon, 26 Aug 1996 01:35:07 GMT
> Subject: Microsoft Explorer security hole (fwd)
> 
> On Sun, 25 Aug 1996 13:55:30 -0600 (MDT), Carl Nation
> <[email protected]> wrote:
> 
> To our Resellers/Customers,
> 
> Our sysadmin received this security alert, and we thought we should
> pass it along...
> 
> ------- Forwarded Message
> 
> Date: Wed, 21 Aug 1996 13:12:59 -0400
> From: [email protected] (Ed Felten)
> Subject: Internet Explorer Security Problem
> 
> We have discovered a security flaw in the current version (3.0) of
> Microsoft's Internet Explorer browser running under Windows 95.  An
> attacker could exploit the flaw to run any DOS command on the machine of
> an Explorer user who visits the attacker's page.  For example, the
> attacker could read, modify, or delete the victim's files, or insert a
> virus or backdoor entrance into the victim's machine.  We have verified
> our discovery by creating a Web page that deletes a file on the machine of
> any Explorer user who visits the page.
> 
> The core of the attack is a technique for delivering a document to the
> victim's browser while bypassing the security checks that would
> normally be applied to the document.  If the document is, for example, a
> Microsoft Word template, it could contain a macro that executes any DOS
> command.
> 
> Normally, before Explorer downloads a dangerous file like a Word
> document, it displays a dialog box warning that the file might contain a
> virus or other dangerous content, and asking the user whether to abort the
> download or to proceed with the download anyway.  This gives the user a
> chance to avoid the risk of a malicious document.  However, our technique
> allows an attacker to deliver a document without triggering the dialog
> box.
> 
> Microsoft has been notified and they are working on fixing the
> problem. Until a remedy is widely available, we will not disclose further
> details about the flaw.
> 
> For more information, contact Ed Felten at [email protected] or
> 609-258-5906.
> 
> Dirk Balfanz and Ed Felten
> Dept. of Computer Science, Princeton University
> http://www.cs.princeton.edu/sip/
> 
> ------- End of Forwarded Message
> 
> 
> 
> 



	- Igor.