MS IE CSS parsing remote memory corruption vulnerability

Dude111 · Dec 19, 2010

http://www.securityfocus.com/bid/45246/info

Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability.

Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions.

Internet Explorer versions 6, 7 and 8 are vulnerable.

Credit: WooYun

Proof-of-concept code:

• http://www.securityfocus.com/data/vulnerabilities/exploits/45246.js
• http://www.securityfocus.com/data/vulnerabilities/exploits/45246.rb

Rating: highly critical

Status: vendor confirmed, vendor-supplied patches not available
Click to expand...

Something must be wrong with the proof of concept file!

I DOWNLOADED the JS file and double clicked on it and Windows Script host reported 'SYNTAX ERROR on line 1' (Nothing happend)

skip · Dec 19, 2010

How about this? I found this file running in the background of my computer yesterday, slowing it down substantially and causing probs with Firefox: ielowutil.exe When you look it up it says it's the "Internet Low-Mic Utility Tool". This program is not well documented at all and people say it loads "randomly". The best explanation is that it has something to do with how IE handles memory.

Then why does it load without IE even being loaded? People report it loads while Firefox is running.

The real question should be what does "low mic" mean? Sounds to me like they're controlling your microphone over the internet using a utility - to eavesdrop on you perhaps?

We all know they've put software out there that can turn on your video without your knowledge and transmit it to whomever is in control. They did this to a whole school without anyone's knowledge, so why not do it to every Windows user too?

I keep my laptop's video camera and microphone covered at all times, since I don't even use them. I even have them disabled, but who knows? A program could easily re-enable them...

stinkfoot · Dec 19, 2010

I've wondered if the antitrust settlement Microsoft reached with the US government included handing over pertinent security data regarding vulnerabilities for the purpose of Big Brother exploiting for His own purposes- basically tracking where people go and what they do/say/post/buy/etc.

Skip said:

How about this? I found this file running in the background of my computer yesterday, slowing it down substantially and causing probs with Firefox: ielowutil.exe When you look it up it says it's the "Internet Low-Mic Utility Tool". This program is not well documented at all and people say it loads "randomly". The best explanation is that it has something to do with how IE handles memory.

Then why does it load without IE even being loaded? People report it loads while Firefox is running.

The real question should be what does "low mic" mean? Sounds to me like they're controlling your microphone over the internet using a utility - to eavesdrop on you perhaps?

We all know they've put software out there that can turn on your video without your knowledge and transmit it to whomever is in control. They did this to a whole school without anyone's knowledge, so why not do it to every Windows user too?

I keep my laptop's video camera and microphone covered at all times, since I don't even use them. I even have them disabled, but who knows? A program could easily re-enable them...
Click to expand...

skip · Dec 19, 2010

stinkfoot said:

I've wondered if the antitrust settlement Microsoft reached with the US government included handing over pertinent security data regarding vulnerabilities for the purpose of Big Brother exploiting for His own purposes- basically tracking where people go and what they do/say/post/buy/etc.
Click to expand...

I don't even think that's necessary. I'm pretty sure Microsoft has a wide back door for the gov't to spy on any computer running Windows... without warrants or courts or any such nonsense.

Dude111 · Dec 19, 2010

Wouldnt it be hard for them to get by a firewall that has SMART FILTERING enabled?

http://www.symantec.com/connect/idea/enabling-smart-traffic-filtering

Psilo_Cybin · Dec 20, 2010

who still uses internet explorer these days?

Dude111 · Dec 20, 2010

Well i use MyIE2 which uses the IE engine

I very seldom use IE6 directly.. (Although i think it looks the nicest of all IE versions)

theolderguy · Sep 28, 2011

MIC stands for Medium Integrity Cookie (or so it seems). The Low-Mic process is intended to broker low- and medium-integrity process API calls. It has to do with increasing security (reducing malware attack vectors) in IE8 and IE9.

deleted · Sep 28, 2011

if your computer has speakers, its basically a microphone with reversed poles..

Dude111 · Sep 28, 2011

Yes but i dont think they can access those speakers as microphones because they are plugged into a different spot on your computer.....

Welcome to the site theolderguy

deleted · Sep 28, 2011

i dont think
Click to expand...

you make NSA very happy..

Log in or Sign up

MS IE CSS parsing remote memory corruption vulnerability

Dude111 An Awesome Dude

skip Founder Administrator

stinkfoot truth

skip Founder Administrator

Dude111 An Awesome Dude

Psilo_Cybin Member

Dude111 An Awesome Dude

theolderguy Guest

deleted Visitor

Dude111 An Awesome Dude

deleted Visitor

Share This Page

Log in or Sign up

MS IE CSS parsing remote memory corruption vulnerability

Dude111 An Awesome Dude

skip Founder Administrator

stinkfoot truth

skip Founder Administrator

Dude111 An Awesome Dude

Psilo_Cybin Member

Dude111 An Awesome Dude

theolderguy Guest

deleted Visitor

Dude111 An Awesome Dude

deleted Visitor

Share This Page

Useful Searches