Jump to content

New IE6-SP1 vulnerability


Guest wsxedcrfv

Recommended Posts

It's actually not IE tied to Windows, it's the other way around, but yeah - it raises the attack surface. They're finally getting away from it with IE8 and Win7, but that doesn't help folks using older OSes for sure.

Link to comment
Share on other sites


I definately don't use IE6 as an internet browser anymore, but what else should us Win98 users with IE6 do?

I have set IE6's security level to HIGH. Is that enough?

I don't think there's a definitive answer for you. I've read the exploit makes use of javascript, I'd personally disable that in IE too.

Link to comment
Share on other sites

Microsoft have release a patch that adds DEP to Internet Explorer 6 for Win 2000/XP. I wonder if it can be made to work on Win9x

http://support.microsoft.com/kb/979352

We have also created an application compatibility database that will enable Data Execution Prevention (DEP) for all versions of Internet Explorer. You do not need this database if you are using Internet Explorer 8 on Windows XP Service Pack 3 (SP3) or on Windows Vista SP1 or later versions. This is because Internet Explorer 8 opts-in to DEP by default on these platforms.
Link to comment
Share on other sites

Microsoft have release a patch that adds DEP to Internet Explorer 6 for Win 2000/XP. I wonder if it can be made to work on Win9x

http://support.microsoft.com/kb/979352

We have also created an application compatibility database that will enable Data Execution Prevention (DEP) for all versions of Internet Explorer. You do not need this database if you are using Internet Explorer 8 on Windows XP Service Pack 3 (SP3) or on Windows Vista SP1 or later versions. This is because Internet Explorer 8 opts-in to DEP by default on these platforms.

DEP requires PAE (Page Address Extensions) which is not available for Windows 9X.

Link to comment
Share on other sites

Guest wsxedcrfv
I didn't realise PAE was part of Win2k

Only win-2K advanced server and datacenter server are mentioned here:

http://support.microsoft.com/kb/283037/

http://msdn.microsoft.com/en-us/library/aa366796(VS.85).aspx

http://support.microsoft.com/default.aspx?...kb;EN-US;268363

Note that win-2k is not mentioned in the following:

-----------

http://www.microsoft.com/whdc/system/platf...PAE/PAEdrv.mspx

Although support for PAE memory is typically associated with support for more than 4 GB of RAM, PAE can be enabled on Windows XP SP2, Windows Server 2003, and later 32-bit versions of Windows to support hardware enforced Data Execution Prevention (DEP).

-----------

If DEP requires PAE on 32-bit OS's (which seems to be the case) and if the plain vanilla versions of win-2k do not support PAE, then they also can't support DEP - unless Microsoft releases some sort of appropriate (and rather sophisticated) patch for win-2K?

Link to comment
Share on other sites

I didn't realise PAE was part of Win2k

Only win-2K advanced server and datacenter server are mentioned here:

http://support.microsoft.com/kb/283037/

http://msdn.microsoft.com/en-us/library/aa366796(VS.85).aspx

http://support.microsoft.com/default.aspx?...kb;EN-US;268363

Note that win-2k is not mentioned in the following:

-----------

http://www.microsoft.com/whdc/system/platf...PAE/PAEdrv.mspx

Although support for PAE memory is typically associated with support for more than 4 GB of RAM, PAE can be enabled on Windows XP SP2, Windows Server 2003, and later 32-bit versions of Windows to support hardware enforced Data Execution Prevention (DEP).

-----------

If DEP requires PAE on 32-bit OS's (which seems to be the case) and if the plain vanilla versions of win-2k do not support PAE, then they also can't support DEP - unless Microsoft releases some sort of appropriate (and rather sophisticated) patch for win-2K?

The page pointed to by your last link mentions Windows 2000 more than once. They just didn't include it in their list of Maximum RAM capabilities.

They also say that DEP automatically activates PAE.

The only alternative to DEP is limiting the Code Segment, but this would make DLLs not executable. So it is not a solution.

Link to comment
Share on other sites

']I definately don't use IE6 as an internet browser anymore, but what else should us Win98 users with IE6 do?

As long as IE resides on your system, you are generally vulnerable to all its attack points, even if you never use it to browse. (The same goes for other MS programs that have similar vulnerabilities, such as Outlook Express).

If safety is your highest concern, you should remove the app and use a third party product for browsing, mail, etc.

Link to comment
Share on other sites

http://www.microsoft.com/downloads/details...05-7d5370263c1b

Here it is (for Win 2K SP4). I Hope its contents are compatible.

BTW, you might be interested to know this exploit was reported to MS in September 2009:

http://news.cnet.com/8301-27080_3-10439004-245.html

"When the attack discussed in Security Advisory 979352 was first brought to our attention on January 11, we quickly released an advisory for customers two days later," he wrote. "As part of that investigation, we also determined that the vulnerability was the same as a vulnerability responsibly reported to us and confirmed in early September."
Edited by Steven W
Link to comment
Share on other sites

DEP (+ implicitly PAE) is only available to modern Intel [P4 + all multi-core] + AMD CPUs.

DEP capabilities have been enabled by MS only into XP SP2, XP SP3 and newer Windows OSes: 2003 SP1 (and newer), Vista, 2008 + 7.

To Execute or not to Execute:

http://en.wikipedia.org/wiki/Executable_space_protection

PAE:

http://en.wikipedia.org/wiki/Physical_Address_Extension

How to enabled DEP on MS OSes:

http://support.microsoft.com/kb/875352

More details:

http://blogs.zdnet.com/Ou/?p=150

HTH

Link to comment
Share on other sites

  • 2 weeks later...
Was the Win-2K patch for KB978207 supposed to implement or activate DEP on that OS? Did it?
No, Windows 2000 never had those functions implemented, and is not DEP aware. And this mere Internet Explorer patch (which installs only web browser files) cannot do that. :rolleyes: DEP support requires dedicated code built into OS core files, like ntoskrnl.exe and similar.

DEP was enabled beginning with WinXP SP2 (and onwards).

MS never released a Win2000 SP5, therefore this will never happen. Support cycle expired for Win2K OS patches, only critical security patches are now released, and only until July 2010, when the entire Win2000 OS reaches the end of "extended" support period.

http://support.microsoft.com/lifecycle/

But Win2000 is "PAE" enabled (in SP4 anyway), so one can use that parameter in BOOT.INI [ /PAE], to take advantage of computers (sort of) with more than 4 GB RAM (Intel address extensions), even if the OS is 32-bit.

http://www.microsoft.com/whdc/system/platf...pae/paedrv.mspx

BOOT.INI params:

http://web.archive.org/web/20080105023918r...s/bb963892.aspx

And fyi just in case you're asking, none of the 9x OSes [Win95/98/ME] have code for any of these functions.

HTH

Link to comment
Share on other sites

Also, at least until the MS guys don't find it and delete it as they did for the original page:

http://technet.microsoft.com/en-us/sysinte...s/bb963892.aspx

however still listed on the "index" page here:

http://technet.microsoft.com/en-us/sysinte...s/bb469934.aspx

(which redirects to the Sysinternals homepage)

can still be found here:

http://www.microsoft.com/taiwan/technet/sy...on/bootini.mspx

This is supposedly the new page:

http://msdn.microsoft.com/en-us/library/ms791480.aspx

I guess the good MS guys should really put together their act, and either leave things where they are or, if moving them, link to the new place where they moved them. :whistle:

jaclaz

Edited by jaclaz
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...