[Dshield] Several fixes available for critical vulnerabilitiesinMS IE and various flavours of MS Windows

Peter Stendahl-Juvonen peter.stendahl-juvonen at welho.com
Wed Apr 14 14:14:49 GMT 2004

list-bounces at lists.dshield.org <mailto:list-bounces at lists.dshield.org>
wrote on Wednesday, April 14, 2004 3:46 PM UTC+3 on behalf of Jon R.

| Peter:
| Do any of these fix the .CHM remote execution exploit in IE and
| Outlook? If so, how do they avoid disabling the way WinHelp works? 
| Thanks!
| Jon Kibler

Jon et al.

My guess would be that patch # 3 in my previous post (the patch for
Outlook Express!) should take care of it.
3) Microsoft Security Bulletin MS04-013
Cumulative Security Update for Outlook Express (837009)


Under "General Information | Technical Details | Executive Summary:"

you can find a reference to the following, which deals with the
vulnerability you mentioned.

MHTML URL Processing Vulnerability - CAN-2004-0380

"A remote code execution vulnerability exists in the processing of
specially crafted MHTML URLs that could allow an attacker's HTML code to
run in the Local Machine security zone in Internet Explorer. This could
allow an attacker to take complete control of an affected system."

- Peter

           "All truths are easy to understand once they are discovered; 
                       the point is to discover them."
      Galileo Galilei (1564-1642); Italian astronomer & physicist. 

More information about the list mailing list