News
Zero-Day Treasure Hunt: Researcher Hides IE Attack on Web
Security researcher Aviv Raff has published code that would allow someone to take control of a computer running Internet Explorer, but there's a catch. He's not saying exactly where he's hidden the attack.
By Robert McMillan, IDG News Service (San Francisco Bureau)
May 08, 2008 —
Security researcher Aviv Raff has published code that would allow someone to take control of a computer running Internet Explorer, but there's a catch. He's not saying exactly where he's hidden the attack.
"Somewhere in my blog, I embedded a proof-of-concept code which exploits this 0day vulnerability," Raff wrote in a Wednesday blog posting. A 0day attack is a previously undisclosed software flaw that has not been fixed by the software maker.
The bug, which affects Internet Explorer 7 and IE 8, could allow an attacker to run unauthorized software on a victim's computer. Raff informed Microsoft of the flaw on Tuesday and the software vendor has not yet patched it, Raff said.
Microsoft didn't get much time to fix the bug, but Raff said he didn't feel that Microsoft would address the issue quickly unless he went public with the vulnerability.
When he has followed Microsoft's responsible disclosure guidelines in the past, the company has been too slow to fix bugs, he said via instant message. "The last time I used their Responsible Disclosure policy it took them six months to fix one line of code."
For Raff's attack to work, the hacker would first have to put a small amount of HTML code on a Web site and then persuade the victim to use a specific Internet Explorer feature on that site, he said.
The Israeli hacker said that the idea of disclosing his attack in a treasure hunt came from a local custom of playing such games during Israel's Independence Day, which falls on Thursday.
Raff has put the code on his own Web site, and he will offer clues as to what people must do to trigger the flaw over the next few days. When triggered, Raff's proof-of-concept code launches two copies of Microsoft's calculator software on the victim's computer, but it could be altered to do something malicious.
Next Wednesday, he will release full details of the bug along with his proof-of-concept code.
Microsoft was unable to immediately comment for this story.
Data Center Directions Virtual Conference
Attend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.
Discover whether hosting is your smartest choice for enterprise messaging.
To host or not to host? Thats the question for many CIOs as the volume and complexity of enterprise messaging continues to skyrocket.
- Moving Past Enterprise Single Sign-On (SSO): Securing Internet SSO
- Enterprise Management Associates: Taking the Botnet Threat Seriously
- Understanding Data Location is Imperative for Data Loss Prevention
- Getting in Compliance With Government Data Regulations By Leveraging Online Security Technology
- 5 Strategies for Reducing the High Cost of Online Consumer Authentication
- Guide: 5 Steps to Secure Outsourced Application Development
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
7th Annual Digital ID World
-
September 8 - 10, 2008Hilton AnaheimRegister now »
Anaheim, California
(ISC)2 members can earn up to 20 CPE Credits
Reference priority code ONLINE and save $800 off the full registration price — attend the program for $995
