Microsoft releases advisory for Windows scripting bug

Microsoft on Friday warned of a new scripting vulnerability affecting all supported versions of Windows.

The vulnerability, similar to a cross-site scripting bug, is present in the MHTML (MIME Encapsulation of Aggregate HTML) protocol handler, which applications use to render certain types of documents, Angela Gunn, senior marketing communications manager for Microsoft Trustworthy Computing, wrote in a post on a company blog.

Unsuspecting internet users could be affected if they visit a website that causes their browser to run malicious scripts.

"It is possible under certain conditions for this vulnerability to allow an attacker to inject a client-side script in the response of a web request run in the context of the victim's Internet Explorer [browser]," according to the advisory. "The script could spoof content, disclose information, or take any action that the user could take on the affected website on behalf of the targeted user."

Gunn said Microsoft is aware of a publicly available proof-of-concept exploit, but does not know of any active attacks.

In lieu of a patch, users are encouraged to lock down the MHTML protocol or switch certain security zone settings to "high" to block ActiveX controls and Active Scripting, according to the advisory, which details the steps. Microsoft also has released a Fix-It solution to automate the mitigation.

A post on Microsoft's Security Research & Defense blog provides additional information about the flaw.

Experts, though, doubt they will see widespread exploitation.

"At first glance today's advisory looks grim because it affects every supported Windows platform," Andrew Storms, director of security operations at vulnerability management firm nCircle, said in a statement. "However, even though the proof-of-concept code is public, carrying out an attack using this complicated cross-site scripting-like bug will not be easy."
