IE Object Tag Buffer Overflow Patched

For the third time this year, Microsoft has issued a
cumulative patch to fix security holes in its flagship Internet Explorer
(IE) browser, warning that the flaws affect versions 5.01 through 6.0, including IE 6.0 for Windows Server 2003.

The software giant tagged a “critical” rating on the vulnerability, which
was detected by researchers at eEye Digital

The latest cumulative patch includes the functionality of all previously released fixes
for IE and two newly discovered security holes, the company said in an alert
issued on Wednesday.

First up, Microsoft said a buffer overrun vulnerability occurs because IE
does not properly determine an object type returned from a Web server. The
hole leaves the door open for an attacker to run arbitrary code on a user’s
system, potentially putting millions of Web users at risk.

“If a user visited an attacker’s website, it would be possible for the
attacker to exploit this vulnerability without any other user action,” the
company warned, noting that an intruder could also craft an HTML email to
exploit the flaw.

The patch also fixes a vulnerability that results because IE does not
implement an appropriate block on a file download dialog box. Microsoft
said this could let an attacker run harmful code on a user’s system if the
Web user simply visited an attacker’s website.

It’s the third time this year that Microsoft has issued a monster patch
for IE, which is by far the most widely used Web browser on the Internet.
In February, a patch carrying a “critical” rating was
issued to fix a cross-domain security issue and, in April, the company also
released a cumulative patch to plug four other
“critical” vulnerabilities.

Microsoft said the latest IE patch will cause window.showHelp()
to cease to function if the HTML Help update isn’t applied. “If you
have installed the updated HTML Help control from Knowledge Base article
811630, you will still be able to use HTML Help functionality after applying
this patch,” the company noted.
