• Sign in to Neowin Faster!

    Create an account on Neowin to contribute and support the site.

Sign in to follow this  

IE hole can become a 'back door' for hackers

Recommended Posts

kintamanate    1

Posted by HyperionX and tisucka on another board:

""AN ATTACKER COULD trick users of Microsoft's IE (Internet Explorer) Web browser into downloading and running a malicious program by disguising it as an innocent file, a Finnish security company has warned.

The file name as it appears in the IE file download dialog box can be faked by using certain URLs and HTTP headers on a Web page, making users think they are opening a media file when in fact they are installing a "back door" on their PCs, according to Oy Online Solutions, based in Jyv?skyl?, Finland. A back door is a program that can be used by hackers to enter a user's PC.

IE won't show the warnings it typically displays when a program file is downloaded or opened, because the .exe file extension may have been hidden or replaced with another such as .txt or .htm. The file is run without any warnings because IE, just as the user, thinks it is a harmless file, Oy Online Solutions said.

Details of the vulnerability were first released on the Bugtraq mailing list in late November. Microsoft at the time did not consider it a flaw, but will now release a patch, Jyrki Salmi, managing director of the Finnish Internet security company, said on Thursday.

"Microsoft has forwarded us the initial patch. It appears to be working and should be available next week," he said.

Salmi declined to say why Microsoft changed its mind.

It has been suggested that the vulnerability could be exploited to automatically download and run programs on a user's PC, without even showing a faked file name in a dialog box. Salmi wouldn't confirm or deny this, saying only that it would become clear when the patch is released.

Affected are IE 5.0, 5.5, and 6, according to Salmi.

Users are advised to disable file downloading or be very cautions about downloading files until the patch becomes available, Salmi said.

In general, users should be careful when downloading files from untrusted Web sites, Salmi said, adding that a trusted site could be hacked and thus dangerous as well.

Besides back doors, the vulnerability could also be exploited to install tools used in distributed denial-of-service attacks, format hard disks, or spread viruses, the Finnish security company said. "

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.