Security flaw in Internet Explorer and Access. (Security).

GFI has discovered a security flaw in Internet Explorer and Microsoft Access 2000 that allows macros to be executed automatically on a victim's machine. GFI has notified Microsoft Corp., which issued an advisory (Microsoft Security Bulletin number MS02-005).

This flaw within Internet Explorer allows a malicious user to run arbitrary code on a target machine as it attempts to view a website or an HTML email. It can be exploited by embedding macro code such as VBA (Visual Basic for Applications) within an Access database file (.mdb) that in turn lies within an Outlook Express email file or Multipart HTML File (.mhtml).
If this file is accessed using Internet Explorer, the attachment can be automatically executed without triggering any warnings.

Comment: It can be most dangerous to open an email which uses this exploit, because it will run on any computer having Internet Explorer and Microsoft Access 2000, which forms part of MS Office. Our tests on this email threat showed that, in Outlook 2000, the embedded VBA code was executed automatically even within the High Security and Restricted Zone. Such an email that contains malicious code could do almost anything on the recipient's machine.

This flaw may be exploited through email by using an iframe tag in an HTML email or a window.open within a <script> tag, allowing Internet Explorer to automatically access the exploit eml file.

To prevent the exploit from running through email, GFI advises filtering all HTML email for JavaScript and similar scripting capabilities, as well as checking for IFRAME. GFI also recommends filtering out mdb files and possibly blocking access to eml, mhtml and mht files through HTTP and email. It is also important to apply the patch distributed by Microsoft Corp.

www.gfi.com
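The filtering GFI advises above, sketched as an added example (not GFI's or Microsoft's code): a Python check over a raw message that flags script and IFRAME tags in HTML parts and attachments named .mdb, .eml, .mhtml or .mht. The function names, the inline event-handler check and the sample message are assumptions constructed here.

```python
import email
from email import policy
from email.message import EmailMessage
from html.parser import HTMLParser

# Extensions and tags named in the advisory's filtering advice.
BLOCKED_EXTENSIONS = (".mdb", ".eml", ".mhtml", ".mht")
BLOCKED_TAGS = {"script", "iframe"}

class TagScanner(HTMLParser):
    """Collects scripting-capable constructs seen in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hits = set()

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names for us.
        if tag in BLOCKED_TAGS:
            self.hits.add(tag)
        # Assumption: inline handlers (onload=...) count as "similar scripting".
        if any(name.startswith("on") for name, _ in attrs):
            self.hits.add("event-handler")

def scan_message(raw_bytes):
    """Return a list of findings for one raw RFC 822 message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.walk():  # walk() also descends into nested messages
        filename = part.get_filename() or ""
        if filename.lower().endswith(BLOCKED_EXTENSIONS):
            findings.append(f"attachment:{filename}")
        if part.get_content_type() == "text/html":
            scanner = TagScanner()
            scanner.feed(part.get_content())
            findings.extend(f"html:{hit}" for hit in sorted(scanner.hits))
    return findings

def build_sample():
    """Constructed sample: HTML body with an IFRAME plus an .mdb attachment."""
    m = EmailMessage()
    m["Subject"] = "constructed sample"
    m.set_content("plain text body")
    m.add_alternative(
        '<html><body><IFRAME SRC="http://example.invalid/"></IFRAME></body></html>',
        subtype="html")
    m.add_attachment(b"\x00constructed", maintype="application",
                     subtype="octet-stream", filename="report.MDB")
    return m.as_bytes()

if __name__ == "__main__":
    print(scan_message(build_sample()))
```

A gateway would quarantine or strip any message for which `scan_message` returns a non-empty list; the check matches on declared filenames and tags only, so it complements the patch and does not replace it.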