Network Security
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
FW: [ISN] First Fallout from Code Leak Hits the Web
- From: Howell, Paul
- Date: Wed Feb 18 09:10:33 2004
-----Original Message-----
From: owner-isn@attrition.org [mailto:owner-isn@attrition.org]On Behalf
Of InfoSec News
Sent: Tuesday, February 17, 2004 9:08 AM
To: isn@attrition.org
Subject: [ISN] First Fallout from Code Leak Hits the Web
Forwarded from: William Knowles <wk@c4i.org>
http://www.eweek.com/article2/0,4149,1528043,00.asp
By David Morgenstern
February 16, 2004
A security company on Monday alerted clients of a new vulnerability to
Internet Explorer 5, one attributed to the recent leak of Microsoft
Corp. Windows source code. The quick attack appears to contradict some
optimistic expectations that the recent leak of Windows 2000 and NT
code would not pose a significant opportunity for hackers.
According to a message posted by SecurityGlobal.net LLC's Security
Tracker Web site, a vulnerability was reported in Microsoft Internet
Explorer Version 5 that lets a "remote user execute arbitrary code on
the target system."
A hacked bitmap file can trigger an integer overflow and execute
arbitrary code, the security bulletin said.
The author of the warning said that this flaw was uncovered by
reviewing the recently leaked Windows source code.
"I downloaded the Microsoft source code. Easy enough. It's a lot
bigger than Linux, but there were a lot of people mirroring it and so
it didn't take long," observed the anonymous programmer in his
warning.
The code is a portion of source from Windows NT 4.0 and Windows 2000
that made its way onto the Internet Thursday.
"IE6 is not vulnerable, so I guess I'll get back to work. My Warhol
worm will have to wait a bit..." wrote the author of the warning.
No patch was available for download from Microsoft's Security Web site
and the company was not available for comment.
Several analysts had predicted no immediate threat from the source
code leak, since the amount of code presented on the Internet was
limited.
However, in comments offered on Friday, Ken Dunham, malicious-code
manager at iDefense Inc., based in Reston, Va., said that
vulnerabilities in the older Windows would likely be much easier to
discover and exploit now after the leak of the source code.
"There are a lot of implications to this. The situation just got a lot
worse, in terms of vulnerabilities," he said in an interview with an
eWEEK reporter. "I imagine we'll be seeing a lot more this year
because of this. There's certainly enough in [the leaked code] to play
with."
This warning follows a string of recent vulnerabilities concerning
Internet Explorer. Earlier this month Microsoft released a cumulative
patch covering a dangerous Internet Explorer vulnerability that let
attackers trick customers into visiting malicious sites.
*==============================================================*
"Communications without intelligence is noise; Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
----------------------------------------------------------------
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
================================================================
Help C4I.org with a donation: http://www.c4i.org/contribute.html
*==============================================================*
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo@attrition.org with 'unsubscribe isn'
in the BODY of the mail.
------------------------------------------------------------------------
To unsubscribe from netsec, send mail to majordomo@merit.edu
with a body consisting of the words "unsubscribe netsec" --
without the quotes. For more help, send a message to majordomo@merit.edu
with the word "help" as the body.
------------------------------------------------------------------------
|
