ActiveX Vulnerabilities: Even When You Aren't Vulnerable, Yo


Postby TeMerc » Tue Aug 12, 2008 2:33 pm

date 08-06-2008 02:30 PM author Sean Hittel writes

Recently, we came across a rather unfortunate exploit case for the Access Snapshot Viewer ActiveX Vulnerability that took advantage of a property of the ActiveX system to exploit IE users who did not have the vulnerable control installed. How does one exploit a vulnerability that does not exist on a system, you say? Sadly, attackers have found a way to install the vulnerable Access Snapshot Viewer ActiveX control through Internet Explorer prior to exploiting it.

Because the control is Microsoft signed, its installation is silent, and does not require any user interaction. Once this vulnerable control is installed on the victim’s computer, it is exploited in the same way as if the control was installed all along. To top it off, this attack is carried out as a drive-by attack, so the unprotected user may never know that they were vulnerable, or had been targeted, let alone infected.

While this silent installation ability obviously poses some interesting security considerations, it is actually fairly core to ActiveX operation. For example, a site that wants to provide an Access report for its users may want to install the trusted control and permit the users to simply view the report. This would provide a cleaner experience for the site's users, rather than forcing them to go to the Microsoft site to download and install the control.

Continued @ Symantec Blog

Via: Stopbadware Blog