MS06-067: Internet Explorer DirectAnimation and HTML Rendering Vulnerability

Published: 2006-11-14
Last Updated: 2006-11-14 19:34:06 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)
This advisory is a wrapper for 3 different Internet Explorer vulnerabilities:

CVE-2006-4446: DirectAnimation ActiveX Control
CVE-2006-4777: DirectAnimation ActiveX Control (not clear how it is different)
CVE-2006-4687: HTML Rednering Memory Corruption Vulnerability.

First off: All of these are exploited by exposing Internet Explorer to malicious HTML code. The "must have" precaution is to not run IE as "Administrator".

IMPORTANT: An exploit is in use against the DirectAnimation ActiveX Vulnerability!

DirectAnimation is a pre-cursor to what is not DirectX. In order to exploit the vulnerability, another deprecated library, HTML+TIME 1.0, has to be available.

The HTML render vulnerability is in particular tricky as it could be triggered by HTML e-mail.

This is a "Must Patch Now" issue for clients. Servers may want to hold off on this for a bit.
Like with all Internet Explorer patches: Don't forget to test internal critical web based applications. We had it happen in the past where such applications used older ActiveX techniques which where no longer available after a patch was applied.

0 comment(s)


Diary Archives