US-CERT Technical Cyber Security Alert TA06-270A -- Microsoft Internet Explorer WebViewFolderIcon ActiveX Vulnerability

Who's Online Now

0 members (), 674 guests, and 31 robots.

Key: Admin, Global Mod, Mod

ShoutChat

Comment Guidelines: Do post respectful and insightful comments. Don't flame, hate, spam.

KSC PAD 39A

KSC PAD 39B

TLE DATA

IDB.COM.AU
For all your TLE downloads.

May
S	M	T	W	T	F	S
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30	31

Today's Birthdays

There are no members with birthdays on this day.

AUS-CITY Recent Posts

I've had it with all these monkey fighting snakes in my monkey fighting pants on my monkey fighting plane [Strange]
by Alisa - Thu 02 May 2024 05:20:PM

Man with a gluten-free diet may not be competent to stand trial [Sick]
by Alisa - Thu 02 May 2024 04:50:PM

Today's 2-hour serving of '80s alt/post-punk/new wave music includes tunes from Aztec Camera, China Crisis, OMD, and Hunters & Collectors. Hear what commercial radio doesn't sound like on pastFORWARD #601. Starts @ 1:00PM ET, LGT streaming options [Live]
by Alisa - Thu 02 May 2024 04:30:PM

Inmate swallows mobile phone before search rather than hide it under bed or in toilet. Guards now have his cell number [Dumbass]
by Alisa - Thu 02 May 2024 04:20:PM

Wait, hang on a second, you're telling me that putting a blanket over a baby that is far too heavy for them to push off them is a BAD idea? [Obvious]
by Alisa - Thu 02 May 2024 04:05:PM

Pentagon admits that, whoa, maybe choosing to save a little money over years by downsizing its available number of trained combat surgeons wasn't really a well-thought plan [Obvious]
by Alisa - Thu 02 May 2024 03:35:PM

I don't know about you, but if my nickname was 'Pee Wee', I wouldn't go exposing myself to shoppers at Target, Walmart, and Burlington stores. Just sayin' [Strange]
by Alisa - Thu 02 May 2024 03:05:PM

Principal that showed up with McNuggets and Grimace shake to have sex with student pleads guilty [Followup]
by Alisa - Thu 02 May 2024 02:35:PM

So go ruck yourself [Interesting]
by Alisa - Thu 02 May 2024 02:20:PM

Today in H5N1 updates: Is "hold onto your butts" a question or an answer? Because this is beginning to feel like one of those situations [Obvious]
by Alisa - Thu 02 May 2024 01:50:PM

AUS-CITY Latest Photos

Art By MA
by Alisa, July 27

"5greenheart" by MA
by Alisa, July 27

"3moons" by MA
by Alisa, July 27

Art By MA
by Alisa, July 27

Popular Topics(Views)

4,736,753 The most hated Government Department

3,125,371 UBI, Updates and the rest :-)

840,857 Access to new forum UBI and PBS Private

700,801 CYPRUS SAT ON AIR CH60

519,918 What can we expect of TV Plus ?

511,658 Department of Child Safety's most shameful office

432,821 UBI vs DigiTurk - Turkish Package Changes

347,251 TARBS WAS SCREWED!!!!

339,762 Moderate 4.4 quake hits near Gisborne, Gisborne District, New Zealand

325,905 aussiefrogs.com offline

AUS-CITY Earthquake Map

AUS-CITY Advertisements

Print Thread

Rate Thread

US-CERT Technical Cyber Security Alert TA06-270A -- Microsoft Internet Explorer WebViewFolderIcon ActiveX Vulnerability #30849 Sun 08 Oct 2006 04:58:PM
Joined: Feb 2001 Posts: 3,536 Ontario, Canada VA3DBJ OP Mission Commander
OP VA3DBJ Mission Commander Joined: Feb 2001 Posts: 3,536 Ontario, Canada	-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-270A Microsoft Internet Explorer WebViewFolderIcon ActiveX Vulnerability Original release date: September 27, 2006 Last revised: -- Source: US-CERT Systems Affected * Microsoft Windows * Microsoft Internet Explorer Overview The Microsoft Windows WebViewFolderIcon ActiveX control contains an integer overflow vulnerability that could allow a remote attacker to execute arbitrary code. I. Description The Microsoft Windows WebViewFolderIcon ActiveX control contains an integer overflow vulnerability. An attacker could exploit this vulnerability through Microsoft Internet Explorer (IE) or any other application that hosts the WebViewFolderIcon control. More information is available in Vulnerability Note VU#753044. Exploit code for this vulnerability is publicly available. II. Impact By convincing a user to open a specially crafted HTML document, such as a web page or HTML email message, a remote attacker could execute arbitrary code with the privileges of the user who is running the program that hosts the WebViewFolderIcon control. III. Solution Microsoft has not released an update for this vulnerability. Consider the following workarounds and best practices: Disable the WebViewFolderIcon ActiveX control To protect against this specific vulnerability, disable the WebViewFolderIcon control by setting the kill bit for the following CLSID: {844F4806-E8A8-11d2-9652-00C04FC30871} More information about how to set the kill bit is available in Microsoft Support Document 240797. Disable ActiveX To protect against this and other ActiveX and COM vulnerabilities, disable ActiveX in the Internet Zone and any other zone that might be used by an attacker. Instructions for disabling ActiveX in the Internet Zone can be found in the "Securing Your Web Browser" document and the Malicious Web Scripts FAQ. Render email as plain text To protect against this and other vulnerabilities that require a victim to load a malicious HTML document, configure email clients to render email as plain text. Do not follow unsolicited links To protect against this and other vulnerabilities that require a victim to load a malicious HTML document, do not follow unsolicited or untrusted links. In order to convince users to visit their sites, attackers often use URL encoding, IP address variations, long URLs, intentional misspellings, and other techniques to create misleading links. Do not click on unsolicited links received in email, instant messages (IMs), web forums, or internet relay chat (IRC) channels. Type URLs directly into the browser to avoid these misleading links. While these are generally good security practices, following these behaviors will not prevent exploitation of this vulnerability in all cases, particularly if a trusted site has been compromised or allows cross-site scripting. IV. References * Vulnerability Note VU#753044 - <http://www.kb.cert.org/vuls/id/753044> * Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/> * Malicious Web Scripts FAQ - <http://www.cert.org/tech_tips/malicious_code_FAQ.html> * CVE-2006-3730 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3730> * Microsoft Support Document 240797 - <http://support.microsoft.com/kb/240797> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA06-270A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA06-270A Feedback VU#753044" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History September 27, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBRRr/eexOF3G+ig+rAQIhyAf/fQEq6CeRusvnGxVXAq3DlDtStv2bKOAX aL7ynLjuyiMk6/oqOmzhuY9hu8zLaTXo2O3KhUpt+27KuxSEf+Kc1I9K2d19IP/P vgNxQaqh2wzdW+iXv18c8sYU4SA+bTXdvpQp1oVmJ1oZiyBYrQjSGFxjZ4PJXD5k 02YUoQNk6tWWDvA4Fe3bDhx3J8NqTcht/+mcJkAzL0TmE7bYDE+cNkqLLbQ7BTa6 M8RkH/DMkOM9mSoFIFAszSbTcMJJmH0yM3948+rrL0Wr/rAC4h9pCKMWA8w4k0bp enXfYh2B1utRJs/AZSz83wRGO/DdD5x4xQ0OWsMYDAzGudYr6MycfQ== =2nCt -----END PGP SIGNATURE-----