According to a Bugtraq entry there is already again a new gap in the Internet Explorer 6, with which an aggressor can break in into a Windows computer. The Internet Explorer 7 should not be concerned. In order to become victim of an attack, is sufficient it after representation of the error report to call a web page which contains a prepared Javascript. A cause of the gap should be an error in the WScript.Shell object, over which into the computer transfer they code and lets with the rights of the user start. The author of the error report Michal Bucko in a pdf document makes closer information available in addition.

The manufacturer of network equipment Cisco likewise already published a warning to the gap. Therefore Microsoft is to have already confirmed the gap. Cisco evaluates the gap with a CVSS Score of 8 of 10 possible points, thus rather critically. A Patch is not available yet. Remedy brings a switching off of Javascript or the changes on the Internet Explorer to 7. In a test of the public available Proof OF Concept Exploits the Internet Explorer was stopped however only.

Michal Bucko indicates in its description the Exploit on a web page to have found. Among other things a test system was Spam-offered infected with a root kit, a further with one. The attacks on visitors might have taken place some time unnoticed. Into which extent, is however unclearly.

With the gap announced on Bugtraq it does not concern after further analyses a new error, but around those become weak point already yesterday admits a ActiveX control, which is contained in Visual Studio 2005. The gap is used already actively, for the Exploit Framework Metasploit gives it also already a module, which demonstrates the problem. Remedy creates a deactivating of ActiveX apart from switching off Javascript also. Alternatively helps also to set the Kill bit for the vulnerable control.

Whats is a Rootkit?

Reveal rootkits