Internet Explorer iepeers.dll severe vulnerability - IE 6 & 7

Discussion in 'Computer Security' started by MEB, Mar 15, 2010.

  1. MEB

    MEB Guest

    Not exactly a new vulnerability, yet should be noted and dealt with.

    Yet another exploit being used in the wild affecting iepeers.dll and
    its object handling/re-usage.

    http://secunia.com/advisories/38860

    http://blogs.technet.com/msrc/archive/2010/03/09/security-advisory-981374-released.aspx

    http://www.us-cert.gov/cas/bulletins/SB10-074.html
    {also note the Excel vulnerabilities}

    Microsoft Security Advisory (981374)
    Vulnerability in Internet Explorer Could Allow Remote Code Execution
    Published: March 09, 2010 - Updated: March 12, 2010
    http://www.microsoft.com/technet/security/advisory/981374.mspx

    Note the:
    Suggested Actions
    Workarounds

    Be aware of how its being used and that it is being used, and make
    efforts to control its usage.


    --
    MEB
    http://peoplescounsel.org/ref/windows-main.htm
    Windows Info, Diagnostics, Security, Networking
    http://peoplescounsel.org
    The "real world" of Law, Justice, and Government
    ___---
     
    MEB, Mar 15, 2010
    #1
    1. Advertisements

  2. MEB

    MEB Guest

    There is also the warnings to disable Active content and check your
    Zone settings [High and further restrictions], restrict site access on a
    per site basis, with other suggestions per OS involved.
    --
    MEB
    http://peoplescounsel.org/ref/windows-main.htm
    Windows Info, Diagnostics, Security, Networking
    http://peoplescounsel.org
    The "real world" of Law, Justice, and Government
    ___---
     
    MEB, Mar 15, 2010
    #2
    1. Advertisements

  3. MEB

    Hot-text Guest

    I'll just run Opera on my WIN98 and move up to IE8 on my XP << Hmm live on
    the WWW.....

     
    Hot-text, Mar 16, 2010
    #3
  4. MEB

    98 Guy Guest

    How do you define new?

    This one is only a week old.

    Here's a not-bad technical explanation:

    http://pandalabs.pandasecurity.com/demonstrating-the-latest-ie-0-day-vulnerability

    I've seen no evidence or comments anywhere indicating that the exploit
    functions properly on win-98.

    And I keep saying that only morons are still using IE6 as their primary
    browser.

    If you run Firefox 2.0.0.20 on win-98 systems, and use that add-on that
    I mentioned in a previous post to change your user-agent to make it look
    like you're running FF 3.x on a win-XP system, then no malicious website
    will be able to send you correct exploit code.
     
    98 Guy, Mar 16, 2010
    #4
  5. MEB

    MEB Guest


    Well, you are an excellent example of a moron...

    Are you that stupid,,, uh yes you are. YOU think changing your browser
    indicator protects you from exploits... STTTTTUUUUUUPPPPPIIIIIDDDDDD
    IIIIDDDDDIIIOOOTTT...

    The systems are probed for exploits NOT based upon the browser
    indicator but upon available OS, specific browser vulnerabilities, and
    other discovered,, go back to your rock...

    As for FF2 it was left with the XSS exploit and several others, dorkie
    doodooo, but you know that, as WE discussed it WITH the mozilla forum
    specific discussions...

    --
    MEB
    http://peoplescounsel.org/ref/windows-main.htm
    Windows Info, Diagnostics, Security, Networking
    http://peoplescounsel.org
    The "real world" of Law, Justice, and Government
    ___---
     
    MEB, Mar 16, 2010
    #5
  6. MEB

    98 Guy Guest

    Says Meb, the name-calling, ranting child.
    You've said it before that your browser-agent string is used by
    malicious websites to serve you the exact exploit that is designed to
    exploit your particular OS and browser combination.

    By faking your browser string so that it indicates a completely
    different OS and browser version than what you're actually using, please
    explain how the server can still somehow know your real OS and browser?
    So how can you defend the continued use of IE6 for win-98 users over
    FireFox 2.0.0.20? I dare you to answer that question.

    And if any given webserver *thinks* that I'm running Firefox version
    3.x, then tell me how I'm vulnerable.

    And by using KernelEx, I can actually be running FireFox version 3.x on
    a win-98 system.
     
    98 Guy, Mar 16, 2010
    #6
  7. MEB

    MEB Guest

    BS, I have NEVER said the browser string is used. You are too stupid to
    remember my comments regarding the physical file probings. I would
    suggest you stop listening to those morons who told you this string
    change works.

    that your browser-agent string is used by
    No that happens to be your IQ of 98 getting in the way of what actually
    occurs.
    Browser indicators are for *easy* html presentations, or *legitimate*
    coding probes PER OS.

    I have no intention of explaining hacker methods to an idiot like you.
    I don't defend and have never defended any such thing.
    I understand Win9X users are still using it regardless of the problems
    with it. I DO NOT recommend its usage or FF2. Go back through my
    postings regarding browser usage and you find exactly the opposite being
    done.
    In stark contrast, YOU are always attempting to get them to install
    crap and use IE6, to the point of installing Win2K files, or FF2, or a
    kernel hack, or some of the other garbage floating around; constantly
    providing users with the false idea that these work and will protect them.
    The only sites that *think* you are running FF3 are those trying to
    help get recalcitrant users to upgrade to safer browsers, safer JAVA,
    safer Flash, etc..
    For instance, Microsoft, YouTube, and Twitter are both having
    difficulties protecting the users of those services and ARE attempting
    to get a handle and a bit of control on the services being used for
    malicious purposes. They are having difficulties due, in part, to people
    like you who don't update, use vulnerable systems and OSs, and defunct
    browsers; added with the ridiculous and childish ideas passed around the
    Internet like "changing your browser string protects you" that idiots
    like you espouse upon, which makes it even more difficult for others to
    PROTECT the users.
    Changing the browser string has been available basically since browsers
    were created, it provides no real protection nor real anonymity.
    Yeah so... so you think you are as protected as an NT or Linux with the
    same browser version... guess again.. moreover you have the SAME browser
    exploits within the browser that the NT and Linux users do WITHOUT the
    OS protections and likely MORE vulnerabilities in both.

    You really haven't got a clue about anything do you...

    --
    MEB
    http://peoplescounsel.org/ref/windows-main.htm
    Windows Info, Diagnostics, Security, Networking
    http://peoplescounsel.org
    The "real world" of Law, Justice, and Government
    ___---
     
    MEB, Mar 16, 2010
    #7
  8. MEB

    Sunny Guest

     
    Sunny, Mar 16, 2010
    #8
  9. MEB

    MEB Guest

    And now we have the normal from one of our most "loved" trolls, Sunny.

    So Sunny, what words of wisdom do you have for the world, tell us oh
    wise one?

    --
    MEB
    http://peoplescounsel.org/ref/windows-main.htm
    Windows Info, Diagnostics, Security, Networking
    http://peoplescounsel.org
    The "real world" of Law, Justice, and Government
    ___---
     
    MEB, Mar 16, 2010
    #9
  10. MEB

    Richard Guest

    Is it possible that you all can just e-mail each other, rather than use this
    public forum for your name calling?

    Eric
     
    Richard, Mar 21, 2010
    #10
  11. MEB

    Hot-text Guest

    Richard No it not possible just e-mail each other when same runs a
    NoSpam@E-Mai!

    But Thant You for Asking!
     
    Hot-text, Mar 22, 2010
    #11
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.