-
IE Vulnerability
I understand this:
An vulnerability has been announced for Systems running Windows NT 4.0 and Windows 2000 connected to the Internet and using the Internet Explorer web browser versions 5.5 and 6.0. (Internet Explorer 5.01 is unaffected by this vulnerability).
Vulnerability: "A flaw occurs because the security checks that Internet Explorer carries out when particular object caching techniques are used in web pages are incomplete". Exploitation of this vulnerability could enable an attacker to invoke an executable that was already present on the local system. It could also allow an attacker to load a malicious executable on the user's system, or to pass parameters to an executable. This could be done by the attacker constructing a web page that uses a cached programming technique, and could then host it on the website or send it via e-mail. In the case of the web-based attack vector the page could be automatically opened when a user visited the site. In the case of the HTML mail-based attack vector, the page could be opened when the recipient opened the mail or viewed it using the preview pane.
Countermeasure: Disabling HTML Help reduces the scope of this vulnerability as it removes the ability to load a malicious executable on a user's system or to pass parameters to an executable. This can be done with a registry key setting. To disable the commands for all Help files, change the registry key as follows:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System] "HelpQualifiedRootDir"=""
The DisableAllShortcuts.reg file will disable the commands for you.
WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.
Existing Cautions: If you disable the commands for all help files, then the following mitigating factors apply.
The vulnerability would allow a user to read but not add, delete or modify files on the user's local machine.
The attacker would need to know the name and location of any file on the system to successfully invoke it. If invoked, there would be no way for an attacker to pass the parameters to that executable.
The vulnerability would not provide any way for an attacker to put a program of their choice onto another user's system.
But, What is the full fix? Does anyone have information on the service pack?
-
This page has the download of the IE patch which will fix the problem you're having:
December 2002, Cumulative Patch for Internet Explorer (Q324929)
Judging by the information you have posted, you would have most likely been at the page which also contains the patch...