Wednesday 20 October 2004

Browser Vulnerabilities and other news

This isn't a good day for browsers as Secunia reports vulnerabilities in virually all of them except the likes of Lynx and Wget.

According to Slashdot:

All browsers have been reported vulnerable to different vulnerabilities today. Starting with: Internet Explorer on XP SP1/SP2, which suffers a new system compromise (of course) vulnerability. Continuing with: Opera, Mozilla / Mozilla Firefox / Camino, Safari, Netscape, Konqueror, Avant Browser and Maxthon, which all suffers some new spoofing vulnerabilitities.

The Internet Explorer vulnerabilities is to to with the "drag and drop" vulnerability supposedly patched on October 14 but which is still working, and a second vulnerability which allows malicious web pages to bypass the security zone restrictions, using crafted .hhk files (Windows Help Index).

The vulnerability affecting the other browsers is to do with tab spoofing. Briefly,

More information can be found in the Secunia Research into Tabbed Browsing Vulnerabilities. In addition, Secunia has provided two tests to demonstrate these tab spoofing vulnerabilities:

Konqueror reports that the vulnerability was fixed in KDE 3.3.1, Opera reports that the vulnerability will be fixed in Opera 7.60 while it appears that for Firefox at least, the vulnerability has been partially fixed in a nightly build.

Meanwhile, the folks at Bugtraq have been busy demonstrating how to break Windows XP SP2 + Internet Explorer 6 SP2.

It is a bit too late in the day for my tired brain to figure out this exploit but I note that Thor Larholm of pivx has weighed in with his own comments and a timely plug of Qwik-Fix Pro:

I successfully reproduced this exploit on a fully patched XPSP2 installation and can verify that malware.htm is planted locally after which HTML Help is used to launch it and circumvent the XPSP2 browser security improvements, compromising the system.

However, this exploit did not work on any systems with Qwik-Fix Pro installed, from Windows 95 to Windows XP Service Pack 2. A free Home edition and a trial Corporate edition is available for download at

In other news, PC World reports that Nvidia has become the first to release a motherboard controller that makes it possible to build a hardware firewall within a PC itself.

The motherboard is pricey by the way and will only work with AMD Athlon 64, 64 FX, and Sempron processors.

Related Reading