ooooh, this is one nasty IE vulnerbility

There's a pretty nasty vulnerbility in IE's ITS protocol.  CERN has a write up about it.  Here's a proof of concept that over writes your wmplayer.exe, and launches it.  Definitely not good times here.  Overwriting system files and basically launching whatever code you want.

I heard about something like this last week, but I can't quite remember the source of the info.  It's also being said on slashdot that there are already people taking advantage of this in the wild (surprise, surprise). 

Between IE being a complete and utter joke of web browser when it comes to implementing CSS and any type of web standard, the thing is completely insecure.  The only reason anyone can give for a rational reason to use it would be that they are locked in because some custom control / their design was for whatever reason designed by eight year olds, and requires IE. 

Normally I reserve cricism about microsoft products because I'm afraid someone from that product's team will read this, but I'm about 99% certain that IE simply doesn't have developers working on anything besides what will be coming out in 2-3 years with Longhorn.  And I'm sure that will be a fine, web standard browser.  Right guys?

8 Comments

  • Hmmm, so that's where I've seen it before. On a page last updated 3 months ago of unpatched IE bugs. I guess I had to see a proof of concept before I realized how nasty it could be.



    My bad for bringing up old news. I'm a real reactionary when it comes to IE, because it is the bain of my existance.

  • I should also point out when I tried running this on my work machine that it failed because of two reason #1, I run Firefox. #2, even with Ie it failed because it needs admin privledges to overwrite wmplayer.exe. But I'm willing to bet it still could overwrite user files...



    You know how to get this bug fixed? Use it to get around CAS in .NET. Claim its a bug in .NET, and you'll get this thing prioritized right quick.

  • i think complete and utter joke is a little harsh. IE's support for CSS is ok, and was market-leading when first released. The CSS2 stuff isn't there, but it's not half as bad as people make out.



    regarding your comment



    > The only reason anyone can give for a rational reason to use it would be that they are locked in because some custom control / their design was for whatever reason designed by eight year olds, and requires IE.



    This just isn't true. I use MYIE2, which is based on Internet Explorer. All of my colleagues use Internet Explorer. I can't imagine using any other browser.



    I have Mozilla installed on my wife's computer and it still shows the same problems that it had in 2000 when I first tried it: namely that the brain-dead moronic, build-your-own widgets in XML simply aren't compatible with Windows. This just kills my productivity. Also I do find sites look nicer in IE, simply because that's what people code for.

  • oh btw. the bug is fixed. You need to understand that. Microsoft have fixed in XP sp2, which I am running, so it doesn't affect me at all.



    Thanks for understanding

  • how's the adoption of xp sp2 going out there in the wild?



    what about machines still running windows 2000? or windows 98? i can't wait for sp2 to be out, and I'll upgrade the machines here at work right away, but this is still going to be nasty for the vast majority of people for whom "upgrade to windows xp and install sp2" isn't an option.

  • As for the css support, i'd be very embarrassed if I worked for the IE team. It's buggy and doesn't support many CSS2 selectors. A good chunk (maybe 30%) of CSS articles out there are about working around bugs in IE, and the rest need to include things like the box-model hack and other items.



    And if you do web development, the only thing made fun of more than IE is Netscape 4. It's simply a pain to develop for.

  • "A cross-domain scripting vulnerability in Microsoft Internet Explorer (IE) could allow an attacker to execute arbitrary code with the privileges of the user running IE."



    I'd like to point out that this is yet another reason not to run your day-to-day machine as Administrator. If you're running as an ordinary user, it's not possible for a malicious user to delete system files, or take other actions requiring Administrator-level privileges. If you are running as Administrator, and fall prey to this or similar vulnerabilities, it's game over. You might as well reformat your machine and re-install.

  • With the huge market share that IE now has, if they ditch the standards on the next version (tied into the OS I believe), I'm gonna drop .NET like a bad habit. Sorry, that's the rules.

Comments have been disabled for this content.