Carsten Eiram, chief security specialist, Secunia
February 01, 2011
Threat of the month

THREAT OF THE MONTH

IE zero-day

What is it?

An unpatched vulnerability in Microsoft Internet Explorer is currently being actively exploited. The vulnerability was initially reported via public mailing lists as a browser crash (DoS). However, it was quickly determined by various researchers, including internally at Secunia, that the vulnerability allows execution of arbitrary code on a user's system when viewing a specially crafted web page.

How does it work?
Internet Explorer supports CSS style sheets, which may be included via an @import CSS command. However, a use-after-free error within mshtml.dll when handling recursive CSS style sheet references (i.e., when a CSS style sheet references itself) can be exploited to de-reference already-freed memory in a manner that makes it possible to gain control of the program flow.

How can I prevent it?
Microsoft has yet to patch. However, in the meantime, a temporary Microsoft FixIt solution has been made available. This implements a check in mshtml.dll to prevent recursive loading of CSS style sheets.

Source: Carsten Eiram, chief security specialist, Secunia
From the February 2011 Issue of SCMagazine »
Similar Articles
Related Topics

More in Features

Behind the scenes: Privacy and data-mining

Behind the scenes: Privacy and data-mining

With data-mining firms harvesting personal information from online activity, privacy advocates, if not yet consumers, are alarmed, reports James Hale.

The great divide: Reforming the CFAA

The great divide: Reforming the CFAA

Aaron Swartz's death inspired Rep. Zoe Lofgren to want to reform the federal anti-hacking law, but some security pros worry this would sterilize a potent enforcement weapon, reports Dan Kaplan.

Suspect everything: Advanced threats in the network

Suspect everything: Advanced threats in the network

Are there ways to catch sophisticated malware that hides in trusted processes and services? Deb Radcliff finds out.