January 17, 2005

Microsoft is totally disappointed in Bugtraq


Software

Some folks who spend their time looking for problems in software like Microsoft IE are warning of an unpatched hole in Internet Explorer (IE) version 6.0.0, including the version released with Windows XP Service Pack 2 (SP2). Using a specially crafted HTML document, a remote attacker could bypass the security warnings designed to inform users when a file is being passed to their computer. In response, Microsoft said Bugtraq (a security discussion list) is like totally lying and everything is working as it should, i.e. the download blocking feature in that version of the browser is working as designed.

Security software company Symantec issued a vulnerability alert about the hole Friday, citing Rafel Ivgi, who made the post on Bugtraq. So the problem that does not exist comes down to this: an IE feature designed to catch references to file downloads does not detect a particular HTML event, known as "onclick," when it is combined with the common HTML <body> tag, which designates the beginning and ending of the main part of a web page.

Malicious Internet users could use the onclick event in combination with another function called "createElement" to create an IFRAME, or "inline frame," which is an HTML element that allows external objects to be inserted into another HTML document. Attackers could link the IFRAME to a malicious web page that downloaded a malicious file to the user's computer when the page was clicked on, without generating a warning in the Information bar.

There is no patch available for the new hole, and no specific exploit code is required to take advantage of the hole, Symantec says.
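
A static check for the pattern described above, as an added example that is not from the original post, Symantec's alert or the Bugtraq report: it flags pages whose <body> onclick handler creates an IFRAME via createElement, either inline or through a named inline-script function. The sample pages and the function names in them are constructed for illustration, and the matching is a regex heuristic, not a JavaScript parser.

```python
import re
from html.parser import HTMLParser

# Regex heuristics, not a JavaScript parser (assumption of this example).
IFRAME_CREATE = re.compile(r"createElement\s*\(\s*['\"]iframe['\"]\s*\)", re.I)
FUNC_START = re.compile(r"\bfunction\s+([A-Za-z_$][\w$]*)\s*\(")
CALL = re.compile(r"([A-Za-z_$][\w$]*)\s*\(")

# Constructed sample pages; go() and helper() are hypothetical names.
INLINE = ('<html><body onclick="var f=document.createElement(\'iframe\');'
          'document.body.appendChild(f)">x</body></html>')
INDIRECT = ('<html><head><script>function helper(){ return 1; }\n'
            'function go(){ var f = document.createElement("IFRAME"); }\n'
            '</script></head><BODY onClick="go()">x</BODY></html>')
BENIGN = ('<html><head><script>function go(){ alert("hi"); }</script></head>'
          '<body onclick="go()">x</body></html>')

class BodyClickScanner(HTMLParser):
    """Collects the <body> onclick handler and all inline script text."""
    def __init__(self):
        super().__init__()
        self.body_onclick, self.scripts, self._in_script = None, [], False

    def handle_starttag(self, tag, attrs):
        if tag == "body":  # tag and attribute names arrive lowercased
            self.body_onclick = dict(attrs).get("onclick")
        self._in_script = tag == "script"

    def handle_endtag(self, tag):
        self._in_script = False

    def handle_data(self, data):
        if self._in_script:
            self.scripts.append(data)

def iframe_functions(script_text):
    """Names of functions whose text, up to the next definition, builds an iframe."""
    starts = list(FUNC_START.finditer(script_text))
    ends = [m.start() for m in starts[1:]] + [len(script_text)]
    return {m.group(1) for m, end in zip(starts, ends)
            if IFRAME_CREATE.search(script_text, m.end(), end)}

def body_onclick_creates_iframe(html):
    """True if the body onclick handler creates an iframe, directly or via a call."""
    scanner = BodyClickScanner()
    scanner.feed(html)
    scanner.close()
    handler = scanner.body_onclick or ""
    if IFRAME_CREATE.search(handler):
        return True
    return bool(set(CALL.findall(handler)) & iframe_functions("\n".join(scanner.scripts)))
```

Handlers attached from script rather than through the onclick attribute are outside what this heuristic sees, so a clean result only rules out the attribute form.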
