Denmark's Secunia recently announced a security vulnerability in Internet Explorer (IE). An attacker who exploits this vulnerability can disguise a dangerous file as an image file and have the user download it. In fact, such files have already appeared. Windows XP SP2 is also affected by the vulnerability. No patch has been made publicly available. The countermeasure is to disable the "Hide extensions for known file types" setting.

The cause of the newly discovered vulnerability is that, when an image file in a web page is saved, IE sometimes removes a file extension without asking. Specifically, this happens when you right-click an image in a web page and select the "Save As" command to save it. When the name of the image file under the mouse pointer contains multiple extensions, IE removes the last one. For example, an image file named "Malicious.hta.jpg" will be saved as "Malicious.hta".

If Malicious.hta.jpg contains malicious script code, then when the user runs (opens) the file saved as Malicious.hta, Windows interprets the file as an HTML application (.hta) and executes the code. In other words, the administrator of a malicious website can induce the user to save an image file containing malicious script code under any extension.

The countermeasure is to disable "Hide extensions for known file types" under "Folder Options" in the "Tools" menu. The setting is enabled by default. Disabling "Hide extensions for known file types" (unchecking it) helps against more than just the vulnerability discovered this time. In the past, this "feature" has been abused in many ways.
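The renaming described above can also be checked for on the defensive side, for example in a proxy or mail filter that sees image file names before the user does. The Python code below is an added example, not code from Secunia or from the original article; the function names and the extension lists (only .hta is named in the article) are assumptions.

```python
import os

# Assumption: extensions Windows treats as executable or script content.
# The article names only .hta; the rest are an illustrative, non-exhaustive set.
RISKY_EXTS = {".hta", ".exe", ".scr", ".pif", ".bat", ".cmd", ".vbs", ".js", ".wsf"}
IMAGE_EXTS = {".jpg", ".jpeg", ".gif", ".png", ".bmp"}


def name_after_save(filename):
    """Model the behaviour described above: the last extension is dropped
    when the name carries more than one extension."""
    stem, last = os.path.splitext(filename)
    _, inner = os.path.splitext(stem)
    return stem if last and inner else filename


def check_image_name(filename):
    """Return (saved_name, reason) if the name is risky, else None."""
    # Windows ignores case and trailing dots/spaces in file names.
    clean = filename.strip().rstrip(". ")
    _, last = os.path.splitext(clean)
    if last.lower() not in IMAGE_EXTS:
        return None
    saved = name_after_save(clean)
    inner = os.path.splitext(saved)[1].lower()
    if saved != clean and inner in RISKY_EXTS:
        return saved, f"would be saved with executable extension {inner}"
    return None


def scan(names):
    """Flag every risky name in an iterable of file names or URL paths."""
    findings = {}
    for name in names:
        base = name.replace("\\", "/").rsplit("/", 1)[-1]
        hit = check_image_name(base)
        if hit:
            findings[name] = hit
    return findings


# Constructed sample input: image names as they might appear in a proxy log.
SAMPLE = ["photo.jpg", "Malicious.hta.jpg", "/img/report.v2.png",
          "/banners/Promo.EXE.GIF", "archive.tar.gz", "logo.scr.jpeg "]

if __name__ == "__main__":
    for name, (saved, reason) in scan(SAMPLE).items():
        print(f"{name!r}: {saved!r} {reason}")
```

Names such as "report.v2.png" are not flagged, because the extension left after stripping is not one that Windows executes.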