Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Virus and Vulnerability Roundup
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

New IE gopher flaw enables remote PC attacks

The bug could allow a remote user to gain access to a host computer.

June 5, 2002 12:00 PM ET

IDG News Service - Another security flaw identified in Microsoft Corp.'s Internet Explorer 5.5 and 6.0 Web browsers has the potential to give a remote user access to a host computer, according to a Finnish security company.
The attack exploits IE's built-in gopher client. Gopher, a nearly obsolete protocol for accessing remote directories and files, has been largely superseded by the Web and HTTP.
The code in IE that parses gopher replies contains an exploitable buffer overflow bug. A malicious server could be used to run arbitrary code on an IE user's system, Online Solutions Oy said in a security advisory issued yesterday.
The attack can be launched via a Web page or an HTML mail message that redirects the user to a malicious gopher server when the user views them. The exploiter could do anything a regular user could do on the system -- retrieve, install or remove files, or upload and run programs.
IE users can protect themselves from the flaw by disabling the gopher protocol. Since very few gopher servers still exist on the Internet today, this is unlikely to cause operational problems, the company said.
Jyvaskyla, Finland-based Online Solutions said it informed Microsoft of the vulnerability May 20 and that Microsoft has indicated that it's working on a patch.
A Microsoft spokesman said the Microsoft Security Response Center is investigating the issue, just as the company does with every report it receives of security vulnerabilities affecting Microsoft products.
"At this point in the investigation we feel strongly that speculating on the issue while the investigation is in progress would be irresponsible and counterproductive to our goal of protecting our customers' information," the spokesman said.
"Microsoft is moving forward on the investigation with all due speed and, when it is completed, we will take the action that best serves Microsoft's customers," the spokesman said.
The spokesman said Microsoft was concerned with the way the report of this vulnerability was handled. He said publishing the report could put computer users at risk -- or at the very least could cause needless confusion and apprehension. He said responsible security researchers work with the vendor of a suspected vulnerability to ensure that a patch is developed before the issue is made public.
Until a patch is released, Online Solutions suggests that users follow a simple way to disable processing and displaying gopher pages by defining a nonfunctional gopher proxy in the Internet Options menu.
Users should select Tools -> Internet options -> Connections; click on "LAN settings"; check "Use a proxy server for your LAN"; click on "Advanced..."; in this area, where users can define proxy servers to be used with different protocols, go to the gopher text field and enter "localhost", and "1" in the port text field. This will stop IE from fetching any gopher documents, the company said.

Linda Rosencrance of Computerworld contributed to this report.







Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.

Viruses

Additional Resources

EFD vs. HDD - What You Need to Know
WHITE PAPER
Enterprise flash drives provide a new Tier 0 storage layer capable of delivering high I/O performance at a very low latency. Proper use of EFDs in an Oracle environment can deliver increased performance compared to fibre channel drives. Read the recommendations for identification of the best DB components for EFDs.
Gartner Research Report: Magic Quadrant for Application Delivery Controllers, 2009
WHITE PAPER
The market for products to improve the delivery of application software over networks remains dynamic and innovative. Vendors focused on solving enterprises' most-pressing application problems have become the top players.
Eight Criteria for Server Load Balancing
WHITE PAPER
Server load balancers are a simple yet highly effective means to scale an application environment while ensuring its availability. Today's solutions should also address application performance and security. Read about the top eight criteria you should consider when choosing a server load balancer and how Citrix NetScaler meets those requirements.

White Papers & Webcasts

LIVE Dec 10, 2009 03:00 PM ET
 

Integrated Security for Broad Protection, Swift Response
If you were a hacker, would you rather attack Bank of America or Bob's Bike Shop?  

The Security Paradox
Read the first global study that quantifies the cost of reactive versus proactive security in a midsize organization.  

Share our Strength
Download Now  

Can Heuristic Technology Help Your Company Fight Viruses?
What is Heuristic Technology and how can it help safeguard your business against viruses? Learn more.