Attackers Target MHTML Security Flaw in Windows by Using Internet Explorer
By eccuni
Mar 14, 2011 - 8:09:10 AM
A bug
associated with MIME Encapsulation of Aggregate HTML (MHTML) protocol handler
in Windows, first identified in January is being exploited by attackers.
Internet Explorer (IE) serves as an attack vector and users browsing through
any version of the browser are more susceptible to the exploitation of this
vulnerability. The vulnerability affects Windows XP and later versions. The
vulnerability is related to the process by which Internet Explorer deals with MIME
formatted web-pages on Windows.
Google
has issued an alert that attacks are being launched against Google users using
Internet explorer. The company claims that attacks seem to be highly targeted
and politically motivated against certain activists. The company has not
divulged any information on the identity of the targeted activists. Google has
also claimed that account holders of a popular social site (identity not
disclosed) have also been targeted by attackers. The company has applied
server-side defenses to prevent MHTML attacks. However, the defenses are not
foolproof and users may temporarily shift to firefox, chrome or other browsers
to guard against exploitation of MHTML vulnerability.
The
bug allows offenders to create a fake webpage, entice people to visit the site.
When unwary users visit the specially crafted webpage, IE is made to execute
malicious java script. The script may spoof content or perform functions that
on behalf of a user on a compromised website. Microsoft had earlier released a
work around for the bug in the form of "Fix it" wizard. The solution
enables users to lockdown MHTML by enabling the button and reversing the
lockdown of MHTML by disabling the Fix it button on the wizard. Microsoft is
yet to offer a security update for the flaw and may offer a fix during the
upcoming monthly security updates.
Online IT courses and video
tutorials may be used to create awareness among public on safe computing
practices. Internet users must avoid clicking on suspicious links on e-mails,
instant messengers (IM) and resist visiting suspicious websites. Users can also
disable active scripting.
Attackers
constantly find and exploit vulnerabilities in software products. Online
IT degree and e-learning programs may facilitate security
professionals in keeping them abreast of latest developments in IT security.
Organizations
must adhere to the security updates, patches and advisories. Hiring
professionals qualified in IT
degree programs may aid organizations in timely identification and
application of appropriate patches.
EC-Council University is based in Albuquerque, New Mexico
and offers Master of Security Science (MSS) degree to students from various backgrounds
such as graduates, IT Professionals, and military students amongst several
others. The MSS is offered as a 100% online degree program and allows
EC-Council University to reach students from not only the United States, but
from all around the world.
EC-Council is a member-based organization that certifies individuals in
cybersecurity and e-commerce skills. It is the owner and developer of 16
security certifications, including Certified Ethical Hacker (CEH), Computer
Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst
(ECSA)/License Penetration Tester (LPT). Its certificate programs are offered
in over 60 countries around the world.
Disclaimer: Dime-Co.Com is an online information article and video article network. All articles, video articles, comments, and other features herein are for informational purposes only and are provided "as is" without warranties, representations or guarantees of any kind. The views and opinions expressed in an article, comments, links or blogs are the author's own, and not necessarily those of dime-co.com's owners. For full disclaimer, please read our TOS.