Slashdot Mirror


IE Flaw Gives Hackers Access To User Files

snydeq writes "Microsoft warned that a flaw in IE gives attackers access to files stored on a PC under certain conditions. 'Our investigation so far has shown that if a user is using a version of Internet Explorer that is not running in Protected Mode an attacker may be able to access files with an already known filename and location,' Microsoft said in a security advisory. The vulnerability requires that an attacker knows the name of the file they want to access, according to the company."


  1. *sigh* ... blame Netscape. by hey! · · Score: 3, Insightful

    Had Microsoft not needed something to drive a stake through Netscape's heart, it wouldn't have needed to concoct its own Frankenstein's monster of confused and misbegotten priorities.

    --
    Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
  2. This is bad. by Buelldozer · · Score: 5, Insightful

    When you go to my website I know what the cookie name is and I know the default file system location for that cookie. This one seems pretty bad.

    1. Re:This is bad. by jimicus · · Score: 4, Insightful

      Well, if any of those cookies are being used by supposedly secure sites to remember somebody's login so they can conveniently purchase in future, you may well know enough to log into their account on those shopping sites and get their real name, address and purchasing history. From this point, it's not a particularly large step to large-scale identity theft.

  3. I wonder... by Ismene · · Score: 5, Insightful

    I wonder how many people have a "passwords.txt" file in their Documents. ;-)

  4. Flawed by mcgrew · · Score: 4, Insightful

    an attacker may be able to access files with an already known filename and location

    One more reason not to keep your files in "My Documents". That part is easily guessed; "2009 Income Tax Returns" would be easy to guess as well.

    "Protected Mode prevents exploitation of this vulnerability and is running by default for versions of Internet Explorer on Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008," it said.

    Does XP have a protected mode? That's the version of Windows most people use IINM. Is this a ploy to get people to upgrade from XP?

    Microsoft hasn't seen any attacks that exploit the flaw and has yet to decide whether to repair the flaw through its monthly security patch release cycle or an urgent, out-of-cycle update.

    Has yet to decide whether to repair it? Hmmm... Ok, they're trying to decide when to. How about doing what every other browser company does and give us the patch NOW?

    1. Re:Flawed by radish · · Score: 3, Insightful

      Is this a ploy to get people to upgrade from XP?

      I'd say it's (yet another) reason to stop using a 9-year-old OS. How many of the major Linux distros still support versions that old? How many people would recommend continuing to run a version that old?

      --

      ---- One button is the power button, the other is the Bender voice button "Bite My Shiny Metal Ass"

    2. Re:Flawed by Leynos · · Score: 3, Insightful

      C:\users\%USERNAME%\Documents anyone?

      --
      "Did you exchange a walk on part in the war for a lead role in a cage?"
  5. c:\Windows\System32\ by LikwidCirkel · · Score: 3, Insightful

    Hmm.. the most obvious predictable file names are conveniently the most dangerous for someone to have access to.

    1. Re:c:\Windows\System32\ by hawaiian717 · · Score: 3, Insightful

      C:\windows\system32\config\sam

      Read-only access is all you need...

      --
      End of Line.
    2. Re:c:\Windows\System32\ by WillAffleckUW · · Score: 3, Insightful

      yeah, it's not like there are stored connection strings to databases ... um ...

      --
      -- Tigger warning: This post may contain tiggers! --
  6. I'm really getting sick of this excuse by apparently · · Score: 4, Insightful

    "The vulnerability requires that an attacker knows the name of the file they want to access, according to the company."

    Good thing no one knows to look for: "%USERPROFILE%\My Documents\Quicken\qdata.qdf"