Extremely Critical IE6/SP2 Exploit Found

Spad writes "Secunia is reporting on three vulnerabilities in IE6 running on XP SP2. Any of these, in combination with an inappropriate behaviour where the ActiveX Data Object (ADO) model can write arbitrary files, can be exploited to compromise a user's system. Moreover, the vulnerability can be used to delete files from the user's system. Secunia says 'Solution: Use another product.'"

A worm that deletes everything.

[caluml]

We need a worm/virus that deletes everyones files. That would make keeping your computers patched a high priority for most of the users. At the moment, viruses are just something that affects and annoys "other people"

Re:A worm that deletes everything.

[LewsTherinKinslayer]

"We need a worm/virus that deletes everyones files. That would make keeping your computers patched a high priority for most of the users. At the moment, viruses are just something that affects and annoys "other people""

Similarly, we need a firebug to go around lighting people's houses on fire to show how having smoke detectors should be a high priority.

I realize you're not being 100% serious, but this reasoning is stupid.

Re:A worm that deletes everything.

[tom1974]

That would make keeping your computers patched a high priority for most of the users.

What has that to do anything with this story? RTFA and please stop blaming the user for everything.

Running WinXP SP2 and fully patched system. I run Norton anti-virus, spybot, Ad-aware and now MS Antispyware and enabled autoupdate.

Checked out Secunia, ran their test and my system was found vulnerable.

What more should I patch?

Re:A worm that deletes everything.

[skiman1979]

It's a shame that Windows users need to install antivirus, spybot, ad-aware, and other scanners (and run them on a monthly...weekly...daily basis to keep their computers clean. Also, don't forget about regedit. Seems Windows registry likes to corrupt itself. I dread the day that Linux gets to that point.

No explanation about what the test does...

[kiddailey]

What's scary is that page doesn't even detail what the test will do on your machine! Clicking the link is risky enough even if you did know what it was going to do (ie. how do you know their server hasn't been compromised and the test altered).

All it says is "The test requires that you have Windows installed in 'c:/windows/'." Uh... Why? is it actually doing something in there? Does it just need to access cmd.exe?

Click at your own risk, indeed. I suggest running it on a machine that you plan to reformat or under an emulator like VPC.

Re:Heh

[R.Caley]

...But one with proper security controls put in place like a good virus scanner/firewall/IE settings/anti spyware and creating a non-admin user for web browsing will not be affected.

And a car with the wheels nailed to the ground, the doors welded and all the windows painted over is pretty safe from theves. When you saw those precautions advised in the manufacturer's literature, would you buy the car?

Re:So what you're telling me is that

[CerebusUS]

No, What I'm telling you is that this article was written and posted to provide fodder for a flame war.

You are still vulnerable because Microsoft has determined that this vulnerability is:

a) unpatchable without ruining the functionality of the product

and / or

b) not a large enough threat to worry about.

Now I'm _not_ going argue whether either of these points is correct or not. But to present these as "New exploits" is typical Slashdot anti-journalism. they did the same thing when they announced the "New" vulnerabilities for Firefox a few days ago. Those were not new either, but neither the submitters or editors bothered to read the articles that were submitted.