Microsoft Windows VBScript Arbitrary HLP File Execution Vulnerability (981169)

Overview

A code execution vulnerability is present in some versions of Microsoft Internet Explorer.

Microsoft Internet Explorer could invoke winhlp32.exe to open an arbitrary HLP file, which can be exploited to execute arbitrary commands. To exploit this vulnerability, an attacker must convince a user to visit a maliciously crafted web page and then get them to press the F1 key in response to a pop-up message box.

Attack Vector

Website or e-mail with malicious content

User Interaction

User interaction is needed

Vendor Status

Responded, not patched

Vulnerable Systems

Internet Explorer 8

Timeline

2010-02-25

A proof of concept has been released.

2010-02-28

Vendor has provided information on the vulnerability.

2010-03-01

Vendor has provided information on the vulnerability.

Recommendations

McAfee is not aware of a vendor-supplied patch or update at this time. (3/1/2010)

Additional Info:
http://blogs.technet.com/msrc/archive/2010/02/28/investigating-a-new-win32hlp-and-internet-explorer-issue.aspx
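
With no vendor patch available, the behaviour described in the Overview (Internet Explorer starting winhlp32.exe on an HLP file) can be watched for in process-creation logs. The following is an added example, not McAfee or Microsoft code; the event field names, the trusted help directory and the sample events are assumptions constructed for illustration.

```python
import ntpath
import re

# Assumption: legitimate local help files live under this directory.
TRUSTED_HELP_DIR = "c:\\windows\\help\\"

# Constructed process-creation events; the field names are assumed
# (typical of EDR or Sysmon-style exports), not taken from the advisory.
SAMPLE_EVENTS = [
    {"parent": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "image": r"C:\Windows\winhlp32.exe",
     "cmdline": r"winhlp32.exe C:\Users\a\Downloads\guide.hlp"},
    {"parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\winhlp32.exe",
     "cmdline": r"winhlp32.exe C:\Windows\Help\legacy.hlp"},
    {"parent": r"C:\Program Files\Internet Explorer\IEXPLORE.EXE",
     "image": r"C:\Windows\winhlp32.exe",
     "cmdline": r'"C:\Windows\winhlp32.exe" "C:\Windows\Help\..\Temp\x.hlp"'},
]


def hlp_argument(cmdline):
    """Return the first command-line token ending in .hlp, or None."""
    for quoted, bare in re.findall(r'"([^"]*)"|(\S+)', cmdline):
        token = quoted or bare
        if token.lower().endswith(".hlp"):
            return token
    return None


def classify(event):
    """Return None, "medium" or "high" for one process-creation event."""
    if ntpath.basename(event["image"]).lower() != "winhlp32.exe":
        return None
    if ntpath.basename(event["parent"]).lower() != "iexplore.exe":
        return None
    hlp = hlp_argument(event["cmdline"])
    if hlp is None:
        return "medium"  # IE started the help viewer; file not visible
    # normpath collapses "..", so traversal out of the help dir is caught.
    resolved = ntpath.normpath(hlp).lower()
    return "medium" if resolved.startswith(TRUSTED_HELP_DIR) else "high"


def detect(events):
    """Return (index, severity) for every event that matches."""
    hits = [(i, classify(e)) for i, e in enumerate(events)]
    return [(i, sev) for i, sev in hits if sev is not None]
```

Any winhlp32.exe process whose parent is iexplore.exe is reported; the severity rises to "high" when the HLP file resolves outside the trusted help directory.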

Additional Resources

Microsoft Security Advisory (981169) Vulnerability in VBScript Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/981169.mspx