Slashdot Mirror

← Back to Stories (view on slashdot.org)

Another Critical Microsoft Hole

Posted by michael on from the your-daily-dose dept.

gmuslera writes "Not was enough that recent vulnerability in IE that can run any program in an unpatched windows system. Now there is another related to an ActiveX control that can make IE and IIS to run any code in the system. The Microsoft solution? kill the related ActiveX control and replace it with a safe one. The Microsoft problem? As this control is Microsoft signed, any site can require it, upload it and replace the "good" one with the vulnerable one. The final recomendation from Microsoft? Don't trust/run ActiveX controls signed by Microsoft." Gimble points to the appropriate locations on Microsoft's website: "Another buffer overrun (that allows arbitrary code to be run) has been admitted to by MS, and it affects IIS and IE on clients (but not on XP), and they have a patch available here Security Hotfix for Q329414. The kicker is that a patched system can be rendered vulnerable again by a hostile web site or HTML email. The 'solution' from MS in Microsoft Security Bulletin MS02-065 recommends that you remove MS from the list of Trusted Publishers."

5 of 597 comments (clear)

  1. Re:why? by NecroPuppy · · Score: 5, Interesting

    Because there are still quite a few of us
    who still use Windows...

    I've got half a dozen software packages that
    are currently only available for Windows or
    Mac, and as I don't like Macs, I'm stuck
    with Windows for the time being.

    This kind of story is "News for Nerds", and
    as such, is, IMO, much more valid a story than
    most that get posted here.

    And as far as the Open Source comment; yes,
    Open Source systems have bugs. However, I
    don't know of a single one that will have a
    website pop-up ask you to download a major
    security hole under the name of trusted
    computing.

    Do you?

    --
    I like you, Stuart. You're not like everyone else, here, at Slashdot.
  2. I found it ammusing... by oconnorcjo · · Score: 5, Interesting

    but I think Microsoft is doing the right thing here. They are in a pickle and they have given a good solution (and one that is embarrasing to them). Of course what they should really do is redesign IE to not run in "root" mode but that is another story. I wish the slashdot editors did not relish so much the foibles of Microsoft in their editorial comments.

    --
    I miss the Karma Whores.
  3. Use separate certificates for each control? by virtcert · · Score: 5, Interesting

    According to the MS release, the reason that they can't simply revoke the certificate for the control is that they signed other controls with the same certificate.

    Wouldn't it make sense for them to just sign every control with a DIFFERENT certificate, so when one is found to be flawed they can revoke the cert and only the new version will install easily?

    It's not like MS can't afford the cost of the individual certs, if they aren't a CA themselves already...

  4. Re:So what.. by richie2000 · · Score: 5, Interesting
    If my Linux box wasn't kept up to date, there would be quite a few remote root exploits similar to this.

    Hang on, let me catch up here. Did Linus digitally sign a control in a subsystem designed to download code from any old webserver you might happen upon and run it as root while I was looking the other way? And did he, after it was discovered that such a system is not perfectly, 100%, safe *astonished look* issue a warning on the Linux kernel developer mailing list stating, in effect, that he's a jackass and people should stop trusting him with anything more dangerous than a moist sponge in a bathtub?

    I don't think so.

    --
    Money for nothing, pix for free
  5. I realize most /.ers use IE, but... by autopr0n · · Score: 5, Interesting

    Why all the focus on microsoft products, I submitted an exploit for opera a month or so ago, and it was rejected.

    --
    autopr0n is like, down and stuff.