InformAction Forums

protected from this attack?

This is a 0 day exploit, that attack MPEG2TuneRequest ActiveX Control Object in the msVidCtl component of Microsoft DirectShow:
http://translate.google.com/translate?p ... ry_state0=

So does this affect IE user only?

I think it doesn't affect IE user only, because the shellcode force IE to launch This user has tried with Opera browser:
http://www.wilderssecurity.com/showpost ... stcount=53

What do you think?

Can a script or shellcode access to filesystem and launch an application?
This is a my old question:
http://forums.informaction.com/viewtopic.php?f=19&t=361

The vulnerability described in Microsoft Security Advisory 971778 potentially affects all users of Windows 2000, Windows XP, and Windows Server 2003. It does not depend on what browser you're using. Apply the fix provided on this page, http://support.microsoft.com/kb/971778, or wait until next Tuesday when it will be fixed with a Microsoft Update.
http://www.microsoft.com/technet/securi ... 71778.mspx
http://www.computerworld.com/s/article/9135354

Hi forum friends,

This bug goes much deeper than was thought at first, re:
http://addxorrol.blogspot.com/2009/07/p ... tldll.html
The patch which consisted in setting a kill-bit did nothing fundamentally about the underlying hole, this issue was commented here:
http://blog.ncircle.com/blogs/vert/arch ... nough.html

Micosoft knew about the issue for over one year and had already started to contemplate a patch for it as they got startled by seeing this deep bug that could transgress to third party software being abused in the wild. An out of band patch might be in the bargain if more abuse is seen. The hole deep inside Windows seems to be exploitable in various other ways, so setting a kill-bit is not enough.
So MS could have unwillingly introduced leaks into third party software that would not be so easily patched.
What can we do using NoScript against this bug a skeleton that has now crept out of the Microsoft cupboard?
SafeArray another bad concept for a global standard? Horrendously cruddy........the outset is simple, but it rapidly degrades into the stinking mess you see today because the design flaws are right at the center, and are going to haunt us rather sooner than later....

luntrus