1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Microsoft warns of zero-day Windows flaw

Discussion in 'Article Discussion' started by arcticstoat, 31 Jan 2011.

  1. arcticstoat

    arcticstoat New Member

    Joined:
    19 May 2004
    Posts:
    916
    Likes Received:
    13
  2. mi1ez

    mi1ez Active Member

    Joined:
    11 Jun 2009
    Posts:
    1,442
    Likes Received:
    18
    These things happen, at least there's a temporary workaround. Does this only affect IE then?
     
  3. Zurechial

    Zurechial Elitist

    Joined:
    21 Mar 2007
    Posts:
    2,045
    Likes Received:
    99
    I'm not usually one to jump on the Anti-Microsoft bandwagon and I'm no security expert either, but these kind of flaws make me wonder what the point of UAC is in Vista/7 if applications like IE can operate outside of their purpose (ie; web browsing) without user direction.
    Why is IE running in a security context with that level of system access to begin with? I don't recall ever having to pass a UAC prompt to load up IE, so why does the browser have that level of access to the rest of the system?

    I sometimes get the feeling that Microsoft gives its own applications secure access by default because "It's signed by us, it can't possibly be harmful".
    Or have I missed something crucial here?

    I know we can google it, but it'd be nice if this article provided even a vague description/explanation of MHTML lockdown mode!
     
    Last edited: 31 Jan 2011
  4. maximus09

    maximus09 Forever n00b

    Joined:
    8 Jun 2009
    Posts:
    366
    Likes Received:
    2
    does this affect other browsers then?
     
  5. Shichibukai

    Shichibukai Resident Nitpicker

    Joined:
    29 Sep 2009
    Posts:
    137
    Likes Received:
    4
    When will the list of failures end >.>
     
  6. Enzo Matrix

    Enzo Matrix New Member

    Joined:
    12 Nov 2010
    Posts:
    10
    Likes Received:
    0
    So if this an IE security flaw? I was under that impression until this statement:
    "affects all versions of Windows, including Windows 7 and Windows Server 2008 R2"

    This is misleading because this would not need to be stated if it were simply an IE flaw. Please clarify.
     
  7. Yslen

    Yslen Lord of the Twenty-Seventh Circle

    Joined:
    3 Mar 2010
    Posts:
    1,965
    Likes Received:
    48
    So even for the poor fools using IE this major security flaw is rendered completely harmless simply by having UAC on? That's how I read it anyway.

    "The same security context as Internet Explorer" surely means just that; if UAC is off and the user is on an Admin account the malicious code will have access to anything, but with UAC on and a restricted account the code is pretty powerless to affect anything.

    To be honest this sounds like a non-issue. It only affects people who are daft/uninformed enough to be running Internet Explorer with most of Windows' security features manually switched off.
     
  8. tad2008

    tad2008 New Member

    Joined:
    6 Nov 2008
    Posts:
    332
    Likes Received:
    3
    It is highly unlikely that UAC will stop this flaw as those who still use IE will already have granted it "authorised" access. So if it then decides to do something unauthorised, then well, it's already authorised to do that. If it was to try to interact with other parts of the OS like the control panel then UAC would most likely be able to step in and warn you.

    As for MHTML or Mime HTML, this is used by Microsoft Word, IE and Opera, Firefox used to need an extension for this and I believe there is lso one for Chrome. This is also a standard part of the format used for html emails, so I wonder how far reaching this flaw really is or could be.

    It's a shame Microsoft's security flaw ratings aren't a bit more explicit rather than being the overly familiar "this security flaw could allow an unauthorised attacker to compromise your system".
     
  9. PingCrosby

    PingCrosby New Member

    Joined:
    16 Jan 2010
    Posts:
    392
    Likes Received:
    7
    I love flaws...I have several myself.
     
  10. RichCreedy

    RichCreedy Hey What Who

    Joined:
    24 Apr 2009
    Posts:
    4,699
    Likes Received:
    172
    secunia has this marked as less critical

    for more infomation look at the original microsoft security advisory 2501696
     
  11. thehippoz

    thehippoz New Member

    Joined:
    19 Dec 2008
    Posts:
    5,780
    Likes Received:
    174
    win vista and 7 aren't so bad on the security end of things despite what articles would have you believe.. I kinda wish everyone still ran windows xp cause it's a carnival of jokes.. easy to get in and run havoc

    turn the uac all the way up in 7 and use the homegroup password for your shares.. you'll put egg on the face of most these.. don't be a tool and not run uac because without it, you might as well hang upside down and have your face kicked up around.. well you know

    check out your task scheduler to add trusted apps that need admin.. then there's no excuse.. or you could go mac and run their ubuntu copy of a os with less security and be the ultimate jobbed toolbag (for the price of 2 pc's)

    I should change my name to the prowler or squeeler (like my vm snapshots are so accurately named :hehe:)
     
  12. HourBeforeDawn

    HourBeforeDawn a.k.a KazeModz

    Joined:
    26 Oct 2006
    Posts:
    2,637
    Likes Received:
    6
    okay where is this lockdown feature? it says under security like what IE Internet Options Security? or else where? Need to know on XP, Vista, ans Win7
     
  13. IvanIvanovich

    IvanIvanovich будет глотать вашу душу.

    Joined:
    31 Aug 2008
    Posts:
    4,870
    Likes Received:
    252
    the lockdown:
    Windows Registry Editor Version 5.00
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]
    "explorer.exe"=dword:00000001
    "iexplore.exe"=dword:00000001
    "*"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\1]
    "file"="file"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\3]
    "file"="file"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\4]
    "file"="file"
     
  14. AKHandyman

    AKHandyman New Member

    Joined:
    28 Jan 2010
    Posts:
    5
    Likes Received:
    0
    Uhhh ... Firefox with NoScript might help alleviate the anxiety caused by MS's ineptitude ... AK
     
  15. Blackie Chan

    Blackie Chan New Member

    Joined:
    5 Nov 2009
    Posts:
    83
    Likes Received:
    0
    Seriously, I have been running noScript for like three years, the benefits greatly outweigh the hassles for me.
     
  16. Daedelus

    Daedelus New Member

    Joined:
    7 May 2009
    Posts:
    253
    Likes Received:
    12
    People still use IE?
     
  17. Fizzban

    Fizzban Man of Many Typos

    Joined:
    10 Mar 2010
    Posts:
    3,339
    Likes Received:
    118
    This.
     
  18. E_Spaghetti

    E_Spaghetti New Member

    Joined:
    19 Apr 2009
    Posts:
    20
    Likes Received:
    0
    It seems that this article created a lot questions about a security flaw and just barely skimmed the answer to fix it.
    What's up with that?
    I'll just rely on a search engine now, but thanks for bringing the problem to our attention.
    I may report back with the answers to the questions that people have been asking.
     
  19. schmidtbag

    schmidtbag New Member

    Joined:
    30 Jul 2010
    Posts:
    1,082
    Likes Received:
    10
    unfortunately more than 50% of all computer users use IE, and to make it really depressing, more than half of those users use ie6

    also, people need to realize that UAC doesn't protect you from programs that you have granted access to. UAC was a horrible failed attempt to make windows secure - uac doesn't protect you from having stuff written, deleted, or replaced in your system. uac is biased towards certain programs, so some things can slip by it. uac doesn't require a password to be triggered (someone could easily create a virus that uac doesn't detect and make it automatically grant access to everything).
    theres a reason why linux and mac are so secure, and their lack of popularity ISN'T the only reason.
     
  20. thehippoz

    thehippoz New Member

    Joined:
    19 Dec 2008
    Posts:
    5,780
    Likes Received:
    174
    aye but your rant on the uac is'nt true.. I think your talking about whitelists and exploiting explorer.exe.. well if you read my post up above- simple as turning the uac all the way up in 7.. vista is secured by the uac correctly default- you can add your trusted apps in the task scheduler if you don't want a uac prompt

    if you really don't like windows.. it's probably more because you don't understand it.. a real hacker learns all systems including mac

    I don't know why microsoft even has the option to run whitelists that have been proven since beta to be insecure, and they run the uac like that default =].. I guess it's all the feedback from the smear job on vista or maybe they want to keep pentesters in business who knows
     
Tags: Add Tags

Share This Page