Leaked Windows Code Opens IE Hole
Bug hunters use source code to identify flaw in widely-used browser.
Joris Evers,
IDG News Service

A bug hunter claims to have uncovered a security flaw in Microsoft's Internet Explorer 5 Web browser by studying Windows source code that was leaked last week.

The vulnerability allows an attacker gain control over a user's computer by using a specially crafted bitmap file. When loaded using IE 5, the file will trigger an overflow error and allow the attacker to run arbitrary code on a victim's machine, according to a description of the flaw posted Sunday on the SecurityTracker.com Web site.

The flaw was uncovered by reviewing IE source code that was part of a larger Windows code leak last week and exists in all versions of IE 5 for all Windows versions, according to the description.


World Wide Web
Vulnerable versions of IE are used by millions of Internet users. As of February 16, 17 percent of Internet users worldwide had some version of IE 5 installed, according to San Diego-based Web tracking company WebSideStory.

Thor Larholm, senior security researcher at PivX Solutions in Newport Beach, California, confirms the vulnerability. He investigated the report and tested code to exploit the flaw.

The IE 5 problem proves the security implications of the code leak, where a malicious coder could take advantage of the source code to find security holes, Larholm says. This has definitely proven the potential for critical vulnerabilities, he says.

Microsoft began investigating the vulnerability report on Monday, the company says in a statement. The security problem is a known issue that the Redmond, Washington-based vendor discovered internally before and fixed in IE 6.0, according to the statement.


Upgrade Available
Microsoft urges IE 5 users to upgrade to IE 6.0 with Service Pack 1. However, IE 5.01 with Service Pack 2 is still supported, according to Microsoft's product support Web page. The vendor is working on a patch for this and other versions of IE predating IE 6.0 and is investigating why it did not fix the vulnerability in those versions before, a Microsoft spokesperson says Tuesday.

Microsoft last week said that incomplete portions of its closely-guarded Windows NT and Windows 2000 source code, the blueprints of the operating system software, had been leaked on the Internet.

Analysts and security experts at the time warned that a breach of the Windows source code could expose users to an increase in cyberattacks because it would make it easier for hackers to find holes in the operating systems that they could exploit.

More at PCWorld