Computer Help Community

Community

Cyber Tech Help Community

New Tutorials

More Tutorials
PC Tutorials

New Downloads

More Downloads
PC Downloads

Member Testimonials

Open Member Quote   Thanks guys and gals for helping me fix my computer with your wonderful database of readily and logically available information here. - giiviak  Close Member Quote
Member Testimonials
MY CYBER TECH HELP

LATEST TOPICS

Tech Help Community

Free Antivirus Scan

Free Virus Scan and a listing of the top 10 viruses in the wild - Free Antivirus Scan
Free Online Antivirus Scan

File Extension Database

Find what program a filetype belongs to in our searchable File Extension Database.
File Extension Database

Related Microsoft Links

Technet

Expert Zone Community
Services
Cyber Tech Help Community

To the top of the page to top

 



Computing News | IE7/Firefox URI Handling Bug Caused by Windows After All

Latest News Latest News | News ArchiveNews Archive | Cyber Tech Help News RSS Feed!

Posted by: Tweaker
Date added: 22:07 Monday, 30th July 2007 GMT
Source: Beta News

An exploitable bug discovered earlier this month that was first believed to have been caused by Internet Explorer 7.0, before Mozilla was forced to admit that it afflicted Firefox as well, has apparently been traced back to a Windows API function.

The discovery may have been first revealed through the US-CERT Web site of the Dept. of Homeland Security, which now classifies it as a "Microsoft Windows URI protocol handling vulnerability." The function in question is an old favorite of malware writers: ShellExecute(), which was the subject of a notorious Windows 2000 exploit four years ago.

While Microsoft has yet to issue an official statement or bulletin making this discovery clear, it probably advised US-CERT with regard to its existence. The official government site this morning reads, "We are currently unaware of a practical solution to this problem."

While it awaits such a solution, the finger-pointing over who's responsible may continue to precede any rational discussion over who gets to fix it, as well as the impractical solution of working together to fix it.

The problem, as it now stands, seems to be this: After IE7 is installed on a system, or when a new operating system is installed with IE7 present, the ShellExecute() API function is handled differently. This is the call (or one of the calls) that a Windows application would place when it wishes to launch another application.

When a Web browser receives a URI that contains a resource identifier that obviously isn't http://, it searches the Registry for the external application associated with that identifier. It then launches the application that the Registry reports back, and passes it parameters supplied from inside the URI.

Intentionally malforming the URI is what opens up a browser to the execution of unchecked, remote binary code. Last week, Billy Rios, a senior security consultant for VeriSign , posted on his personal blog that he and a colleague were able to use the exploit to cause remote code execution in Firefox. Once IE7 is installed on a system, Firefox becomes vulnerable, as does Netscape Navigator 9 and the Mozilla open-source browser.

Story here.

Tools:  Tools: Post a comment | Link to this news item | Send to a friend | Submit News

 

Post a commentPost a comment

Error: You are not logged in.

In order to leave comments to news articles you must be a Cyber Tech Help Member.

Registration is completely free!  Register to become a member!  Register to become a member

Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.

 

[ To the top of the page To top | Latest News Latest News | News Archive News Archive | Cyber Tech Help News RSS Feed! ]