#1

Security Alert, June 25, 2004

IIS Sites and IE Users Under Attack

A new form of attack is spreading around the Internet, but to what extent remains unknown at the time of this writing. The attack affects unpatched Microsoft IIS systems, which, when compromised, then attack unprotected Microsoft Internet Explorer (IE) systems.

Malicious users use an overflow condition in IIS to compromise an unpatched system. The vulnerability is related to the Private Communications Transport (PCT) in Microsoft's SSL library. Malicious Javascript code is inserted into a Web page, and when unprotected IE users visit the compromised Web page, IE might run the Javascript code on the user's system. The code then injects the system with the attacker's code of choice. If possible, administrators should install Microsoft patch MS04-011 to protect IIS.

According to iDEFENSE, IE users are being compromised with a combination of two vulnerabilities: One of these vulnerabilities is related to a problem in MIME Encapsulated Aggregate HTML (MHTML), and the other is related to ADO databases (ADODB). Microsoft has made the MS04-013 patch available for the MHTML problem, but no patch is yet available for the ADODB vulnerability. IE users should consider disabling active scripting in IE to protect their systems against these attacks.

http://secadministrator.com/articles...rticleid=43088

For more details about this vulnerability, as well as links to patches, workarounds, and Intrusion Detection System (IDS) signatures to help detect this attack, be sure to visit our Web site at the provided URL.
#2

That's nice for It helps them a lot and saves me a few phone calls. I have a copy of SP2/RC2. Got it a few days ago from MS. They shipped to people who attended the release seminars. So far, it hasn't broken anything. There are some changes like it turns on the firewall automatically. You need to go back and check shares to make sure they are allowed, minor tweaks like that. XP (Full or OEM using NTFS) is a lot more stable than ME but can be a pain in the rear on some things. One of the big problems is people do the upgrade and continue to use FAT32.
#3

Just download the patches when they become available and solve the majority of the problems. Either that or start using Opera and Mozilla. Microsoft is releasing Windows XP Service Pack 2 on July 23rd. It has lots of nice enhancements and security upgrades. Many of the major flaws in IE security will be fixed with that patch. As soon as it is available, download and install it.
#4

That's why I set administrative rights. We're getting ready to deploy St. Bernard software to push patches. I agree, XP is more stable than ME, but I've always found that M$ has done an alternating "OK"/piece 'o cr@p cycle of OSes and patches (I still remember SP6 for NT). Yes, I agree, NTFS all the way... NFS would be even better! Heard that if you have applications that require network access, you have to go into the firewall and open the ports to them. Usually, I run the RC/Betas, but the last couple of months have been "interesting" and I haven't had time. Been an "official" M$ beta tester for years! Oh well, Microsoft software = Job security!
#5

Just download the don't even think about patches. As for SP2, I'll be doing lots of testing. Rumor is it'll "break" lots of things. (Never did like XP much, thought of it like "ME". Maybe SP2 will change my mind.)