| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Windows XP Explorer Executes Arbitrary Code in Folders | |
|
||
| Time: 02:05 EST/07:05 GMT | News Source: SecurityTracker | Posted By: Joshua Baer | ||
|
A vulnerability was reported in Microsoft Windows XP in Windows Explorer. A remote user can create a folder that, when viewed by the target user, will execute arbitrary code on the target user's system. It was reported that a remote user can create a specially crafted 'folder' that includes HTML scripting code and a Windows executable ('.exe' file) containing arbitary code. When a target user attempts to view the contents of the 'folder' (which may be considered an ostensibly safe task by many users), the arbitrary code will be automatically executed on the target user's computer by Windows Explorer. The code will run with the privileges of the target user. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 152 Last | Next |
The time now is
6:53:41 PM
ET.
Any comment problems? E-mail us |
| #1 By 1845 (67.161.212.73) at 1/27/2004 7:22:05 AM |
| I really don't get this. The focus seems to be on the auto-execution issue. However, I'd say the more important issue is being able to write to a remote file system. I'd like more information on the remote write than I would on Explorer displaying HTML. BTW, the HTML in the exploit doesn't work on my install of IE - XP sp1 fully patched. |
| #2 By 12071 (203.217.67.71) at 1/27/2004 9:16:01 AM |
|
#1 "I'd say the more important issue is being able to write to a remote file system."
There's no problem with this as far as I understand the exploit. You still require the user to be silly enough to save the download/mail-attachment/whatever onto their computer. All this does is it at that point make it a little more likely for the user to then click on it. i.e. if a mail is sent around with an attachment "Office Christmas Party 2003 Pics.folder" in a zip, which is then saved onto their desktop or wherever, the user will be visually presented with the folder icon named "Office Christmas Party 2003" meaning that there's more of a chance of the user then double clicking on it. So this exploit isn't anything new, it's just a new way of targeting the same users that continue to click on attachments. |
| #3 By 1845 (67.161.212.73) at 1/27/2004 10:40:36 AM |
|
Joshua, I get a security warning that the ActiveX control cannot be launched. I've customized my IE settings somewhat though. I don't like surprises. :-)
kabuki, yeah, that's my piont. The seems to be on this folder issue. If, however, an attacker can remotely write to my filesystem, I'd say that's a far worse issue. From the sound of the exploit, it seems that this remote write is possible. Otherwise, this is about as exciting as sending an HTML doc with some VBScript that does bad stuff using FileSystemObject. IOW, I don't see this as anything new. |
|
Write Comment
Return to News |
Displaying 1 through 25 of 152 Last | Next |
The time now is
6:53:41 PM
ET.
Any comment problems? E-mail us |
