Jump to content

New IE6-SP1 vulnerability

Guest wsxedcrfv

By Guest wsxedcrfv
in Windows 9x/ME

 Share

Recommended Posts

cluberti

cluberti

Posted
Posted

It's actually not IE tied to Windows, it's the other way around, but yeah - it raises the attack surface. They're finally getting away from it with IE8 and Win7, but that doesn't help folks using older OSes for sure.


galahs

galahs

Posted
Posted

I definately don't use IE6 as an internet browser anymore, but what else should us Win98 users with IE6 do?

I have set IE6's security level to HIGH. Is that enough?

Steven W

Steven W

Posted
Posted
I definately don't use IE6 as an internet browser anymore, but what else should us Win98 users with IE6 do?

I have set IE6's security level to HIGH. Is that enough?

I don't think there's a definitive answer for you. I've read the exploit makes use of javascript, I'd personally disable that in IE too.

galahs

galahs

Posted
Posted

Microsoft have release a patch that adds DEP to Internet Explorer 6 for Win 2000/XP. I wonder if it can be made to work on Win9x

http://support.microsoft.com/kb/979352

We have also created an application compatibility database that will enable Data Execution Prevention (DEP) for all versions of Internet Explorer. You do not need this database if you are using Internet Explorer 8 on Windows XP Service Pack 3 (SP3) or on Windows Vista SP1 or later versions. This is because Internet Explorer 8 opts-in to DEP by default on these platforms.
rloew

rloew

Posted
Posted
Microsoft have release a patch that adds DEP to Internet Explorer 6 for Win 2000/XP. I wonder if it can be made to work on Win9x

http://support.microsoft.com/kb/979352

We have also created an application compatibility database that will enable Data Execution Prevention (DEP) for all versions of Internet Explorer. You do not need this database if you are using Internet Explorer 8 on Windows XP Service Pack 3 (SP3) or on Windows Vista SP1 or later versions. This is because Internet Explorer 8 opts-in to DEP by default on these platforms.

DEP requires PAE (Page Address Extensions) which is not available for Windows 9X.

Guest wsxedcrfv

Guest wsxedcrfv

Posted
Posted
I didn't realise PAE was part of Win2k

Only win-2K advanced server and datacenter server are mentioned here:

http://support.microsoft.com/kb/283037/

http://msdn.microsoft.com/en-us/library/aa366796(VS.85).aspx

http://support.microsoft.com/default.aspx?...kb;EN-US;268363

Note that win-2k is not mentioned in the following:

-----------

http://www.microsoft.com/whdc/system/platf...PAE/PAEdrv.mspx

Although support for PAE memory is typically associated with support for more than 4 GB of RAM, PAE can be enabled on Windows XP SP2, Windows Server 2003, and later 32-bit versions of Windows to support hardware enforced Data Execution Prevention (DEP).

-----------

If DEP requires PAE on 32-bit OS's (which seems to be the case) and if the plain vanilla versions of win-2k do not support PAE, then they also can't support DEP - unless Microsoft releases some sort of appropriate (and rather sophisticated) patch for win-2K?

rloew

rloew

Posted
Posted
I didn't realise PAE was part of Win2k

Only win-2K advanced server and datacenter server are mentioned here:

http://support.microsoft.com/kb/283037/

http://msdn.microsoft.com/en-us/library/aa366796(VS.85).aspx

http://support.microsoft.com/default.aspx?...kb;EN-US;268363

Note that win-2k is not mentioned in the following:

-----------

http://www.microsoft.com/whdc/system/platf...PAE/PAEdrv.mspx

Although support for PAE memory is typically associated with support for more than 4 GB of RAM, PAE can be enabled on Windows XP SP2, Windows Server 2003, and later 32-bit versions of Windows to support hardware enforced Data Execution Prevention (DEP).

-----------

If DEP requires PAE on 32-bit OS's (which seems to be the case) and if the plain vanilla versions of win-2k do not support PAE, then they also can't support DEP - unless Microsoft releases some sort of appropriate (and rather sophisticated) patch for win-2K?

The page pointed to by your last link mentions Windows 2000 more than once. They just didn't include it in their list of Maximum RAM capabilities.

They also say that DEP automatically activates PAE.

The only alternative to DEP is limiting the Code Segment, but this would make DLLs not executable. So it is not a solution.

the xt guy

the xt guy

Posted
Posted

']I definately don't use IE6 as an internet browser anymore, but what else should us Win98 users with IE6 do?

As long as IE resides on your system, you are generally vulnerable to all its attack points, even if you never use it to browse. (The same goes for other MS programs that have similar vulnerabilities, such as Outlook Express).

If safety is your highest concern, you should remove the app and use a third party product for browsing, mail, etc.

Steven W

Steven W

Posted
Posted (edited)

http://www.microsoft.com/downloads/details...05-7d5370263c1b

Here it is (for Win 2K SP4). I Hope its contents are compatible.

BTW, you might be interested to know this exploit was reported to MS in September 2009:

http://news.cnet.com/8301-27080_3-10439004-245.html

"When the attack discussed in Security Advisory 979352 was first brought to our attention on January 11, we quickly released an advisory for customers two days later," he wrote. "As part of that investigation, we also determined that the vulnerability was the same as a vulnerability responsibly reported to us and confirmed in early September."
Edited by Steven W
MDGx

MDGx

Posted
Posted

DEP (+ implicitly PAE) is only available to modern Intel [P4 + all multi-core] + AMD CPUs.

DEP capabilities have been enabled by MS only into XP SP2, XP SP3 and newer Windows OSes: 2003 SP1 (and newer), Vista, 2008 + 7.

To Execute or not to Execute:

http://en.wikipedia.org/wiki/Executable_space_protection

PAE:

http://en.wikipedia.org/wiki/Physical_Address_Extension

How to enabled DEP on MS OSes:

http://support.microsoft.com/kb/875352

More details:

http://blogs.zdnet.com/Ou/?p=150

HTH

  • 2 weeks later...
Guest wsxedcrfv

Guest wsxedcrfv

Posted
Posted

Was the Win-2K patch for KB978207 supposed to implement or activate DEP on that OS? Did it?

MDGx

MDGx

Posted
Posted
Was the Win-2K patch for KB978207 supposed to implement or activate DEP on that OS? Did it?
No, Windows 2000 never had those functions implemented, and is not DEP aware. And this mere Internet Explorer patch (which installs only web browser files) cannot do that. :rolleyes: DEP support requires dedicated code built into OS core files, like ntoskrnl.exe and similar.

DEP was enabled beginning with WinXP SP2 (and onwards).

MS never released a Win2000 SP5, therefore this will never happen. Support cycle expired for Win2K OS patches, only critical security patches are now released, and only until July 2010, when the entire Win2000 OS reaches the end of "extended" support period.

http://support.microsoft.com/lifecycle/

But Win2000 is "PAE" enabled (in SP4 anyway), so one can use that parameter in BOOT.INI [ /PAE], to take advantage of computers (sort of) with more than 4 GB RAM (Intel address extensions), even if the OS is 32-bit.

http://www.microsoft.com/whdc/system/platf...pae/paedrv.mspx

BOOT.INI params:

http://web.archive.org/web/20080105023918r...s/bb963892.aspx

And fyi just in case you're asking, none of the 9x OSes [Win95/98/ME] have code for any of these functions.

HTH

jaclaz

jaclaz

Posted
Posted (edited)

Also, at least until the MS guys don't find it and delete it as they did for the original page:

http://technet.microsoft.com/en-us/sysinte...s/bb963892.aspx

however still listed on the "index" page here:

http://technet.microsoft.com/en-us/sysinte...s/bb469934.aspx

(which redirects to the Sysinternals homepage)

can still be found here:

http://www.microsoft.com/taiwan/technet/sy...on/bootini.mspx

This is supposedly the new page:

http://msdn.microsoft.com/en-us/library/ms791480.aspx

I guess the good MS guys should really put together their act, and either leave things where they are or, if moving them, link to the new place where they moved them. :whistle:

jaclaz

Edited by jaclaz

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...