November 10, 2005

When should you call a horse, a horse?

Microsoft Security Bulletin MS05-053: Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)

I wonder why Microsoft doesn't call this security vulnerability an IE bug?

If I use Firefox and Thunderbird on any of the Windows versions mentioned it doesn't seem like I would be vulnerable, but if I use IE or Outlook I could be vulnerable to an attack using an exploit built around this problem.

Microsoft, CERT, Secunia and others should count this bug, and probably others, in their statistics of IE vulnerabilities unless I'm missing something.

Posted by chofmann at November 10, 2005 4:46 PM
Comments

I love their "mitigating factors" section:

In a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to exploit this vulnerability. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's Web site.

I feel so much safer.

Although... I can't remember the last time I ever saw a .WMF or .EMF file. I wonder if IE will actually render them, or just offer to download?

Posted by: Some Guy at November 10, 2005 5:58 PM

There is a non-working link in
June 17, 2004
More data on user having problems with their browsing experience

I assume you meant this one:
http://news.com.com/Spying+on+spyware/2100-1001_3-5236735.html

Another fine reading:
http://news.com.com/Spying+on+the+spyware+makers/2008-1012_3-5694455.html

Posted by: herman at November 10, 2005 9:34 PM

The way I understand the issue, it is not a flaw in Internet Explorer, but a flaw in a component that may be used by Internet Explorer. Think of it like a flaw in libpr0n. libpr0n is a shared library so it could affect more than Mozilla Firefox.

Posted by: Brant Gurganus at November 10, 2005 10:08 PM

> I wonder why Microsoft doesn't call this security vulnerability an IE bug?

Because this security vulnerability is not an IE bug, but a bug in a shared system library instead?

IE is _affected_ by this bug, among others.

Posted by: Sister of Cacophony at November 10, 2005 11:18 PM

I think it is also a vulnerability of IE.

Remember Secunia Advisory SA12232 which was about libpng:
http://secunia.com/advisories/12232/
http://secunia.com/advisories/12219/

Posted by: Mathieu at November 11, 2005 1:42 AM

> libpr0n is a shared library so it could affect more than Mozilla Firefox.

Exactly. When Mozilla has a bug in libpr0n, we report it as a bug in Firefox, Thunderbird and the Mozilla suite to keep users informed.

> Because this security vulnerability is not an IE bug, but a bug in a shared system library instead?

The greatest impact of this bug is in IE. Microsoft mentioned how the bug may affect Outlook users but failed to mention Internet Explorer by name a single time in the lengthy description of the problem.

In the last 6 months the press has begun to use the total number of reported vulnerabilities as a key metric to report on the security of products. The value of this is questionable when the criticality of vulnerabilities, the number of known exploits running in the wild, and the speed at which vulnerabilities and exploits are fixed are much better metrics; but the fact is that the press is using total vulnerabilities in their reporting.

Calling this bug a "windows shared graphics library" bug plays into the hands of reporters that want to write the simplistic stories about IE having fewer security bugs than Firefox, Safari and others...

http://www.microsoft.com/technet/security/Bulletin/MS05-026.mspx
is another example when Microsoft obscured the connection between this "system library" problem and Internet Explorer. If I don't use IE I cut off the primary attack vector for this vulnerability and known set of exploits that are running in the wild.

Posted by: at November 11, 2005 7:25 AM

And another -> http://www.microsoft.com/technet/security/Bulletin/MS05-016.mspx

User clicks on a "specially crafted page" in IE and they are vulnerable. Not so if they click on the specially crafted page in Firefox, Safari, Opera or other browsers.

The approaches hackers are using to entice users to click on sites with malicious content are on the rise and expanding, and users are more at risk than ever from these kinds of attacks. Sophos documents how these kinds of attacks are putting more users at risk. http://www.sophos.com/pressoffice/news/articles/2005/09/va_katrina.html

Posted by: at November 11, 2005 7:55 AM

I agree that M$ should say that bugs like these affect IE primarily, but I think it's possible, tho unlikely, to affect other users. Say I decide for some reason (it's happened before) to use IrfanView to open an image I found on the web. I might copy the img url (I've still to learn to use Copy Image) and paste it into the Open dialog of IrfanView. In Windows, this works but will prolly leave me open also to any such bugs.

Posted by: Tsee at November 11, 2005 8:57 AM

You know, that is my question as well: why this was not reported as an IE bug. Anyways, heard it was fixed but can verify that anywhere either. Any updates?

Posted by: Jerry at November 12, 2005 2:34 PM

I think Mozilla Firefox is the most reliable browser on safety... But ideal programs do not exist. Hackers find all new vulnerabilities. We programmers should work above it.

Posted by: Bruce at December 9, 2005 2:49 PM

Microsoft is not a very honest company, you know... they do not always talk about problems, if they have the possibility to stay quiet...

Posted by: David Green at August 2, 2006 1:11 AM
