Whipnet's Home
Home
Whipnet's Web Hosting Services
Whipnet's Tech Services for Houston, Tx

Contact Whipnet

 


Business Consultations
You Are Here --->
Software Services
Virus Removal Services
 
Technical Hand - Hardware - LAN - Rollouts

 

 

Where is the Industry Headed?

Future of Computing

Home | Computer Hardware ServicesMicrosoft Security Bulletins

The information provided in this site is provided "as is" without warranty of any kind. Microsoft Corporation disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. Furthermore, this information is only listed as a resource for such information by Whiptech. Whiptech is in no way responsible for the use or misuse of the information by anyone, anywhere, at anytime.

Home | Computer Hardware ServicesMicrosoft Patch Disclosure - August 2006

Vulnerability in Windows Explorer Could Allow Remote Code Execution (921398)
Published: August 8, 2006
Microsoft Severity Rating: Critical

Description:
This vulnerability was found in the way that Windows Explorer handles drag and drop events, which allows for code execution in the context of the logged-in user. In order for this vulnerability to be exploited, users must first be tricked into visiting a malicious website, saving a malicious file, then executing that file. Alternatively, this vulnerability can be exploited via email attachments but does require the victim to open the attachment. A remote code execution vulnerability exists in Windows Explorer because of the way that Windows Explorer handles Drag and Drop events. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow an attacker to save a file on the user's system if a user visited a malicious Web site or viewed a malicious e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system. User interaction is required to exploit this vulnerability

Mitigating Factors:
Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.
. In a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to exploit this vulnerability. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's Web site. After they click the link, they would be prompted to perform several actions. An attack could only occur after they performed these actions.
. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
. The Restricted sites zone helps reduce attacks that could try to exploit this vulnerability by preventing Active Scripting and ActiveX controls from being used when reading HTML e-mail. However, if a user clicks on a link within an e-mail they could still be vulnerable to this issue through the Web-based attack scenario described previously.v By default, Outlook Express 6, Outlook 2002, and Outlook 2003 open HTML e-mail messages in the Restricted sites zone. Additionally, Outlook 98 and Outlook 2000 open HTML e-mail messages in the Restricted sites zone if the Outlook E-mail Security Update has been installed. Outlook Express 5.5 Service Pack 2 opens HTML e-mail messages in the Restricted sites zone if Microsoft Security Bulletin MS04-018 has been installed.
. The vulnerability could not be exploited automatically through e-mail. For an attack to be successful a user must open an attachment or click on a link that is sent in an e-mail message.

Affected Software:

. Microsoft Windows 2000 Service Pack 4
. Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
. Microsoft Windows XP Professional x64 Edition
. Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
. Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server   2003 with SP1 for Itanium-based Systems
. Microsoft Windows Server 2003 x64 Edition

HOME                                                          © 2002-2020 Whipnet Technologies