New Microsoft Advisory

Microsoft has issued a Security Advisory (2501696) for Windows about a newly discovered security flaw  [CVE-2011-0096]  that affects Internet Explorer, as well as, potentially, any other applications that use Windows’s MHTML protocol handler.  (MHTML is an Internet protocol that defines a MIME structure for wrapping HTML content.)   The potential attack is somewhat similar to server-side cross-site scripting.   All currently supported versions of Windows are affected, except Windows 2008 Server Core installations.

The Advisory provides a work-around to mitigate the vulnerability.  The Windows Registry can be modified to prevent the execution of scripts within an MHTML document.  Modifying the Registry incorrectly can have serious bad effects, including making your system fail to boot.  It is not a job for the ten-thumbed.  Microsoft’s consumer-oriented article on this advisory has a “FixIt” tool that will apply the  Registry work-around for you; there is also a tool to uninstall it.  Like other work-arounds, this has the potential to cause problems, so careful testing is advisable.  So far, there is no announced schedule for a patch.

This vulnerability seems to be potentially exploitable in a number of different ways.  If you must use Internet Explorer, I suggest that you try the FixIt tool, carefully.


Comments are closed.

%d bloggers like this: