[CS-FSLUG] Windows in trouble for any html use!!!!!!!!!!
Fred Miller
fmiller at lightlink.com
Tue Jul 13 15:53:09 CDT 2004
The U.S. Department of Homeland Security has notified the world
to stop using the Web browser, and in fact generally stop using
Windows to view any HTML documents.
Hopefully, if you use MickySoft Internet Explorer or Microsoft
"Lookout" or "Lookout" Express, you know about this problem and have taken
steps to guard your computer. If not, it is time to panic and read this
now!!
If you are lucky (or wise) enough NOT to use the above (like Linux), this
report is fascinating and worth taking time to read carefully.
See: http://www.kb.cert.org/vuls/id/713878
This warning is by US-CERT, the United States Computer Emergency
Readiness Team, part of the U.S. Department of Homeland
Security.
I'll attempt a short description:
By convincing a victim to view an HTML document (web page,
HTML email), an attacker could execute script in a different
security domain than the one containing the attacker's
document. By causing script to be run in the Local Machine
Zone, the attacker could execute arbitrary code with the
privileges of the user running IE.
By redirecting to a local resource, controlling the timing of
the redirect, and setting the frame's location to a
javascript: protocol URI, an attacker can execute script in
the security context of the Local Machine Zone.
Functional exploit code is publicly available, and there are
reports of incidents involving this vulnerability.
Any program that hosts the WebBrowser ActiveX control or uses
the IE HTML rendering engine (MSHTML) may be affected by this
vulnerability!!!
Seems to me, then, run any of the many Windows-based applications
that make use of the IE HTML rendering engine and you're running
down the street with no pants on. That INCLUDES HTML emails.
So, the answer is to follow no hot-links and view no email unless
you are sure of the source!!!
Are you sure this email does not contain HTML?
I again invite you to visit: http://www.kb.cert.org/vuls/id/713878
But, if you visited the above site, are you SURE that site is not a
fake and your computer may have been compromised?
Are you sure this email was sent by Fred Miller?
Are you sure one of the HTML emails you read this week was not an
exploit?
I'm glad I use SUSE Linux and KMail!!!
Fred
--
"Ballmer is no more designed for the art of persuasion
than the Abrams tank is for delivering meals on wheels."
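A defensive check, added here as an example that is not part of Fred's post or of the US-CERT advisory: a small Python scanner that flags, in an HTML mail body, the constructs the advisory describes (a frame whose source is a javascript: URI, and a redirect that lands on a local resource) before that body is handed to a rendering engine. The two sample mail bodies are constructed for the example.

```python
from html.parser import HTMLParser
import re

# Constructs named in the advisory: a frame location set to a javascript:
# URI, and a redirect to a local (Local Machine Zone) resource.
JS_URI = re.compile(r"^\s*javascript:", re.IGNORECASE)
LOCAL_URI = re.compile(r"^\s*(file:|res:|[a-z]:[\\/])", re.IGNORECASE)


class RiskyHtmlScanner(HTMLParser):
    """Collect findings about frame and redirect constructs worth blocking."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k.lower(): (v or "") for k, v in attrs}
        if tag in ("frame", "iframe"):
            src = a.get("src", "")
            if JS_URI.search(src):
                self.findings.append(f"{tag} src uses javascript: URI")
            elif LOCAL_URI.search(src):
                self.findings.append(f"{tag} src points at a local resource")
        elif tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            # content looks like "0;url=<target>"; examine the target only
            m = re.search(r"url\s*=\s*(.*)", a.get("content", ""), re.IGNORECASE)
            target = m.group(1) if m else ""
            if LOCAL_URI.search(target) or JS_URI.search(target):
                self.findings.append("meta refresh redirects to local or javascript: target")


def scan_html(html):
    """Return a list of findings; an empty list means nothing was flagged."""
    p = RiskyHtmlScanner()
    p.feed(html)
    p.close()
    return p.findings


# Constructed sample mail bodies (not real messages).
BENIGN_MAIL = ('<html><body><p>See <a href="http://www.kb.cert.org/vuls/id/713878">'
               'the advisory</a></p></body></html>')
SUSPICIOUS_MAIL = ('<html><head><meta http-equiv="refresh" '
                   'content="0;url=file:///C:/placeholder.htm"></head>'
                   '<body><iframe src="javascript:void(0)"></iframe></body></html>')

if __name__ == "__main__":
    for name, body in (("benign", BENIGN_MAIL), ("suspicious", SUSPICIOUS_MAIL)):
        print(name, scan_html(body))
```

A mail filter would quarantine or render as plain text any message for which scan_html returns findings.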