Greeting's
Microsoft today released an advisory relating to a 0-day exploit found for IE.
Quote:
Technical Description
A vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by remote attackers to crash a vulnerable browser or take complete control of an affected system. This flaw is due to a memory corruption error when processing a specially crafted argument passed to the "KeyFrame()" method of a "DirectAnimation.PathControl" (daxctle.ocx) ActiveX object, which could be exploited by attackers to cause a denial of service or execute arbitrary commands by convincing a user to visit a malicious Web page.
FrSIRT has successfully exploited this vulnerability on a fully patched Windows XP SP2 system.
Here is the workaround (although we know it) :
Disable Active Scripting in the Internet and Local intranet security zones :
- In Internet Explorer, click Internet Options on the Tools menu
- Click the Security tab
- Click Internet, and then click Custom Level
- Under Settings, in the Scripting section, under Active Scripting, click Disable, and then click OK
- Click Local intranet, and then click Custom Level
- Under Settings, in the Scripting section, under Active Scripting, click Disable, and then click OK
- If you are prompted to confirm that you want to change these settings, click Yes
- Click OK to return to Internet Explorer
Links :
http://www.frsirt.com/english/advisories/2006/3593
http://www.microsoft.com/technet/sec...ry/925444.mspx
