We support Microsoft .NET Framework 2.0 & 1.1, all versions of Access, SQL 2000, SQL 7.0, SQL 2005 Express, SOAP, FrontPage 2002, 2003, Visual Studio 2005, Index Server, XML, UDDI, & Mobile device support. We also offer great third party tools like SmarterMail, Merak Mail, SmarterStats, PHP, Perl, MySql, DeepMetrix Livestats XSP 8.0.
 Saturday, August 20, 2005

Critical: Highly critical
Impact: System access
 
Where: From remote
 
Solution Status: Vendor Workaround
 
Software: Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.x
 
CVE reference: CAN-2005-2127
 
 
Description:
A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an error when the "msdds.dll" (Microsoft DDS Library Shape Control) COM object is instantiated in the Internet Explorer browser.

Successful exploitation allows execution of arbitrary code, but requires that a user is tricked into visiting a malicious web site.

The COM object is reportedly installed as part of the following products:
* Microsoft Visual Studio .NET 2002
* Microsoft Visual Studio .NET 2003
* Microsoft Office Professional 2003
* Microsoft Office XP

Other products may also include the affected COM object.

NOTE: An exploit has been published. However, there are currently conflicting reports about the exploitability of this issue. Some reports confirm that code execution is possible, while other reports indicate that the problem can't be reproduced. This indicates that only certain versions of the COM object may be affected. Secunia has currently not been able to reproduce the vulnerability in version 7.10.3077.0 of the COM object (included with Microsoft Office 2003 and Microsoft Visual Studio .NET 2003).

Solution:
Restrict use of ActiveX controls to trusted web sites only.
The vendor has various other workarounds documented in the original advisory.
A non-vendor kill-bit workaround is also available.
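
A kill bit is a registry setting: Internet Explorer will not instantiate a COM object whose CLSID subkey under "ActiveX Compatibility" has bit 0x400 set in its "Compatibility Flags" value. The added example below (not part of the original advisory) audits a `reg export` dump for that setting; the CLSIDs are constructed placeholders because this page does not give the CLSID of the msdds.dll control, and the function names are hypothetical.

```python
import re

KILL_BIT = 0x00000400  # "Compatibility Flags" bit that blocks instantiation in IE
COMPAT_KEY = r"hkey_local_machine\software\microsoft\internet explorer\activex compatibility"

# Constructed sample in .reg text format; the CLSIDs are placeholders, not real controls.
# A real regedit export is UTF-16: read it with open(path, encoding="utf-16").
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-000000000001}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-000000000002}]
"Compatibility Flags"=dword:00000020

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-000000000003}]
'''

def parse_compat_flags(reg_text):
    """Return {CLSID: flags} for every CLSID subkey of ActiveX Compatibility."""
    flags, current = {}, None
    for raw in reg_text.splitlines():
        line = raw.strip()
        key = re.fullmatch(r"\[(.+)\\(\{[0-9A-Fa-f-]{36}\})\]", line)
        if key:
            in_scope = key.group(1).lower() == COMPAT_KEY
            current = key.group(2).upper() if in_scope else None
            if current:
                flags.setdefault(current, 0)  # key exists, value may be absent
            continue
        if line.startswith("["):
            current = None  # some other key: ignore its values
            continue
        val = re.fullmatch(r'"Compatibility Flags"=dword:([0-9A-Fa-f]{8})', line)
        if val and current:
            flags[current] = int(val.group(1), 16)
    return flags

def kill_bit_status(reg_text, clsid):
    """Return 'set', 'not set' (key present, bit clear) or 'missing' (no key)."""
    flags = parse_compat_flags(reg_text)
    clsid = clsid.upper()
    if clsid not in flags:
        return "missing"
    return "set" if flags[clsid] & KILL_BIT else "not set"
```

Substitute the CLSID given in the vendor advisory for the placeholder when auditing real hosts.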

Other news:
eWeek article

Changelog:
2005-08-18: Added Microsoft Office XP as affected. Added link to ISC.
2005-08-19: Added additional information from Microsoft.

Original Advisory:
Microsoft (KB906267):
http://www.microsoft.com/technet/security/advisory/906267.mspx
http://support.microsoft.com/kb/906267

Other References:
ISC:
http://isc.sans.org/diary.php?date=2005-08-18

US-CERT VU#740372:
http://www.kb.cert.org/vuls/id/740372