Attackers Take Advantage of IE ActiveX Flaw
By Dave Nixon
February 6, 2008
Criminals have already started to exploit flaws in ActiveX software used by Internet Explorer, just one day after the vulnerabilities were exposed.
Symantec Security Response Director Oliver Friedrichs said that the company had identified only three websites that were hosting the attack code, all of which appear to be linked to the same criminals. Nevertheless, he thinks more attacks are inevitable as criminals build the code into their malicious software toolkits. “Given the fact that the proof of concept is available and works, it’s not exactly rocket science for someone to plug this into a toolkit,” he said. “That’s likely to happen in short order.”
Security researchers Elazar Broad and Krystian Kloskowski have divulged a multitude of ActiveX bugs affecting MySpace and Facebook over the past few days, but the attack reported by Symantec takes advantage of a flaw in an ActiveX control used by Yahoo’s Music Jukebox.
Once the attack code is on the victim’s machine, the hackers go on to install a number of malicious files on the computer, Symantec said.
Broad and Kloskowski also discovered a second ActiveX bug in Yahoo Jukebox, but that flaw is not yet being exploited by attackers, according to Symantec. Another major source of trouble is the Aurigma ImageUploader ActiveX control, which is used by websites such as Facebook and MySpace to upload pictures through Internet Explorer.
Because of all the ActiveX bugs, security experts are advising users to be vigilant while web browsing. On Tuesday, US-CERT published a note advising users to disable ActiveX controls, which can be accomplished by setting Internet Explorer’s security level to “high” for the Internet zone.
That might not be a practical option for many consumers, who will experience limited IE browsing without ActiveX, Friedrichs said. But technically adept users and corporate IT shops can take measures to disable the untrusted ActiveX controls. In fact, the SANS Internet Storm Center has published free software that disables the controls.
Another alternative for enterprise users is to construct a white list of approved ActiveX controls, Friedrichs said.
Security troubles with browser add-ons are extremely widespread. In the first half of 2007, Symantec identified 237 browser plugin security flaws. About 89 percent of them centered on ActiveX.

