Zero Day Vulnerability – IE6/IE7 Remote Code Execution Vulnerability

Zero Day Vulnerability – IE6/IE7 Remote Code Execution Vulnerability

by Bill Correa 11. March 2010 05:21
Severity:  High

10 March, 2010

Summary:
  • Vulnerability Affects:  Internet Explorer 6 and 7.  NOTE Internet Explorer 8 is NOT affected
  • How an attacker exploits them:  Specially crafted attack used to perform remote code execution on system.
  • Impact:  Various results; in the worst case, an attacker executes code on your user's computer, potentially gaining full control of it
  • What to do: No patch available yet for IE6/IE7 – best course of action is to upgrade to IE8
Exposure:

Affected Software

  • Microsoft Windows 2000 Service Pack 4
  • Windows XP Service Pack 2 and Windows XP Service Pack 3
  • Windows XP Professional x64 Edition Service Pack 2
  • Windows Server 2003 Service Pack 2
  • Windows Server 2003 x64 Edition Service Pack 2
  • Windows Server 2003 with SP2 for Itanium-based Systems
  • Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
  • Windows Vista x64 Edition , Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition and Service Pack 2
  • Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
  • Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4
  • Internet Explorer 6 for Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows XP Professional x64 Edition Service Pack 2
  • Internet Explorer 6 for Windows Server 2003 Service Pack 2, Windows Server 2003 with SP2 for Itanium-based Systems, and Windows Server 2003 x64 Edition Service Pack 2
  • Internet Explorer 7 for Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows XP Professional x64 Edition Service Pack 2
  • Internet Explorer 7 for Windows Server 2003 Service Pack 2, Windows Server 2003 with SP2 for Itanium-based Systems, and Windows Server 2003 x64 Edition Service Pack 2
  • Internet Explorer 7 in Windows Vista, Windows Vista Service Pack 1, Windows Vista Service Pack 2, Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
  • Internet Explorer 7 in Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
  • Internet Explorer 7 in Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
  • Internet Explorer 7 in Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2

Non-Affected Software

  • Windows 7 for 32-bit Systems
  • Windows 7 for x64-based Systems
  • Windows Server 2008 R2 for x64-based Systems
  • Windows Server 2008 R2 for Itanium-based Systems
  • Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
  • Internet Explorer 8 for Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows XP Professional x64 Edition Service Pack 2
  • Internet Explorer 8 for Windows Server 2003 Service Pack 2 and Windows Server 2003 x64 Edition Service Pack 2
  • Internet Explorer 8 in Windows Vista, Windows Vista Service Pack 1, Windows Vista Service Pack 2, Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
  • Internet Explorer 8 in Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
  • Internet Explorer 8 in Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
  • Internet Explorer 8 in Windows 7 for 32-bit Systems
  • Internet Explorer 8 in Windows 7 for x64-based Systems
  • Internet Explorer 8 in Windows Server 2008 R2 for x64-based Systems
  • Internet Explorer 8 in Windows Server 2008 R2 for Itanium-based Systems

 

Vulnerability in Internet Explorer 6 and 7 (but not IE8), which can permit remote code execution.  Vulnerability is caused by an invalid pointer reference that can be accessed after an object is deleted, enabling specially crafted attacks to access the freed object and perform remote code execution.

Security Advisory 981374 specifically calls out IE Protected Mode on Windows Vista, such that an attacker that exploited the vulnerability on a Vista OS system running IE7 would still have limited rights on the system.

By default, Windows Server 2003 and 2008 run IE in Enhanced Security Configurationwith the security level set to HIGH on the internet zone, which would mitigate the vulnerability as well.

Solution Path:

Upgrade to IE8 which is not affected by the vulnerability. 

Status:

As of the March 10, 2010 update to Security Advisory 981374, no patch has been issued for this vulnerability.  Therefore the recommended action is to upgrade to Internet Explorer 8.

References:

Be the first to rate this post

  • Currently 0/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5

Tags: , ,

Security

E-mail | Kick it! | DZone it! | del.icio.us
Permalink | Comments (0) | Post RSSRSS comment feed
Comments are closed

Daily Quote:

"Death is better, a milder fate than tyranny."

- Aeschylus

Authors:

Bill Correa, PMP
Principal Consultant
Arcanum Group, Inc.
My LinkedIn Profile

Rick Williams, CPA, PMP
Principal-Business Intelligence & Process Consulting
Arcanum Group, Inc.
My LinkedIn Profile

RecentComments

Comment RSS
Disclaimer
The opinions expressed herein are my own personal opinions and do not represent my employer's view in anyway.

© Copyright 2012 ARCANUM Blog