On Wednesday a security researcher demonstrated a flaw in Internet Explorer at the Black Hat DC conference that could allow a hacker to remotely read files on the victim's local drive. The demonstration prompted a security advisory from Microsoft.
Network World senior editor Ellen Messmer reports,
"The flaw, said to extend across all versions of Internet Explorer, is not subject to a patching fix, according to Jorge Luis Alvarez Medina, the Argentina-based security consultant with Core Security Technologies who elaborated on the attack technique during his demo. Indeed, Microsoft advised anyone concerned about the potential for this type of attack to run IE in "protected mode," a workaround that Medina also advised."
Microsoft admits that the vulnerability exists, and just about all versions of Internet Explorer are vulnerable, but, if it makes you feel any better, says it has not yet seen attacks in the wild.
"Our investigation so far has shown that if a user is using a version of Internet Explorer that is not running in Protected Mode an attacker may be able to access files with an already known filename and location. These versions include Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4; Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4; and Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows Server 2003 Service Pack 2. Protected Mode prevents exploitation of this vulnerability and is running by default for versions of Internet Explorer on Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008."
But what exactly is Internet Explorer "Protected Mode"?
According to an article on MSDN updated February, 2009:
"In Windows Vista, Internet Explorer 7 runs in Protected Mode, which helps protect users from attack by running the Internet Explorer process with greatly restricted privileges. Protected Mode significantly reduces the ability of an attack to write, alter or destroy data on the user's machine or to install malicious code. ... While most Internet Explorer 7 security features will be available in Internet Explorer 7 for Windows XP Service Pack 2, Protected Mode is only available on Windows Vista because it is based on security features new to Windows Vista."
The researcher also offered a few more involved mitigations: an administrator can adjust various networking and ActiveX settings to harden IE against this technique.
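As an added defender's check (not code from the article, Microsoft or Core Security), the PowerShell below reports whether Protected Mode is enabled for each IE security zone of the current user, together with the UAC state it depends on. It assumes the per-zone registry value 2500 under the Zones key holds the Protected Mode setting (0 = enabled, 3 = disabled) and that EnableLUA reflects UAC; it is meant for Vista or later, where Protected Mode exists.

```powershell
# Added example, not from the article or from Microsoft: list the IE Protected Mode
# setting per security zone for the current user, plus the UAC state it relies on.
# Assumption: DWORD value "2500" under each zone key is the Protected Mode setting
# (0 = enabled, 3 = disabled); EnableLUA under the System policy key reflects UAC.

$ZoneNames = @{
    0 = 'My Computer'
    1 = 'Local intranet'
    2 = 'Trusted sites'
    3 = 'Internet'
    4 = 'Restricted sites'
}
$ZonesKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$UacKey   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$PmStates = @{ 0 = 'enabled'; 3 = 'disabled' }

function Get-IEProtectedModeStatus {
    # Protected Mode is built on UAC integrity levels: with UAC off it is off everywhere.
    $uac   = (Get-ItemProperty -Path $UacKey -Name EnableLUA -ErrorAction SilentlyContinue).EnableLUA
    $uacOn = ($uac -eq 1)

    foreach ($zone in 0..4) {
        $props = Get-ItemProperty -Path (Join-Path $ZonesKey $zone) -ErrorAction SilentlyContinue
        $raw = $null
        if ($props) { $raw = $props.'2500' }

        if ($raw -eq $null) { $setting = 'not set' }
        elseif ($PmStates.ContainsKey([int]$raw)) { $setting = $PmStates[[int]$raw] }
        else { $setting = "unknown ($raw)" }

        # "Effective" is what matters: the zone setting only helps when UAC is on.
        if ($uacOn -and $setting -eq 'enabled') { $effective = 'on' } else { $effective = 'off' }

        New-Object PSObject -Property @{
            Zone          = "$zone ($($ZoneNames[$zone]))"
            ProtectedMode = $setting
            UacEnabled    = $uacOn
            Effective     = $effective
        }
    }
}

# Zones showing Effective = off are the ones the Microsoft advisory says are exposed.
Get-IEProtectedModeStatus |
    Sort-Object Zone |
    Format-Table Zone, ProtectedMode, UacEnabled, Effective -AutoSize
```

Group Policy can override these per-user values from HKLM, so treat the output as the user's own configuration and cross-check against any domain policy.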
Julie Bort is the editor of Microsoft Subnet and Network World's Online Community Editor. She also writes the Open Source Subnet blog and is the editor responsible for the Cisco Subnet and Open Source Subnet web sites. If you have an idea for a blog, or a news tip on Microsoft, Cisco or Open Source technologies, contact her at jbort@nww.com, 970-482-6454 or follow Julie on Twitter @Julie188.