For the third time in as many months, Microsoft
issued a cumulative patch for its flagship Internet Explorer browser,
warning that two newly discovered vulnerabilities involving the cross-domain
security model should be considered “critical.”
A security advisory from Microsoft said the
latest IE fix includes the functionality of all previously released patches
for Internet Explorer versions 5.01, 5.5, 6.0.
The latest bugs, detected by Swedish researcher Andreas Sandblad,
affected the browser’s cross-domain security model which keeps windows of
different domains from sharing information. “These flaws results in Internet
Explorer because incomplete security checking causes Internet Explorer to
allow one website to potentially access information from another domain when
using certain dialog boxes,” the company warned.
To exploit the holes, an attacker would have to host a malicious web page
aimed at this particular vulnerability and then persuade an IE user to visit
that site. “Once the user has visited the malicious web site, it would be
possible for the attacker to run malicious script by misusing a dialog box
and cause that script to access information in a different domain,”
“In the worst case, this could enable the web site operator to load
malicious code onto a user’s system. In addition, this flaw could also
enable an attacker to invoke an executable that was already present on the
local system,” it cautioned.
Separately, Microsoft’s 5th advisory this year warned that the
Windows Redirector on Windows XP contains an unchecked buffer vulnerability
that could lead to denial-of-service.
That flaw, rated as “important” could also allow an intruder to execute
harmful code if data was crafted in a particular way. A patch to fix the
Windows Redirector problem was also posted.