 | By Chris Mosby This Patch Tuesday, Microsoft has once again fixed several flaws in IE — but, as usual, there are other holes still unpatched. As discovered earlier this month, IE is wide open to a pretty severe cross-domain flaw that can allow a hacker to do just about anything to your computer. |
IE is vulnerable to cross-domain attacks
Versions 6 and 7 of Internet Explorer have a flaw in their “cross-domain” security models. This can allow, among other things, one Web site to access information from another Web site when you transition from one page to another.
This poses a large threat to corporations that allow their users to freely surf the Internet. A user might visit a hacked Web site that could carry out various attacks, including setting or reading browser cookies, reading or modifying form submissions, and executing hacker programs, which would have administrative rights. This flaw has been confirmed on fully patched versions of IE in multiple versions of Windows.
Strangely, the FrSIRT (French Security Incident Response Team) listing of this flaw states that the vulnerability has been fixed by Microsoft’s June 12 MS07-033 patch for IE. However, Microsoft’s bulletin doesn’t claim this flaw as part of the fix list for that patch. (The MS bulletin doesn’t include the problem’s CVE number, a tracking system for threats that is hosted and defined by the MITRE Corp.
No other security sources make the same claim as FrSIRT, at the time of this writing. Testing I’ve done on a fully patched XP system with the demo page that’s provided by Michal Zalewski, the person who discovered this flaw, doesn’t support FrSIRT’s claim either.
Related posts:
