=====================================================================
                                   CERT-Renater

                        Information Note No. 2005/VULN767
_____________________________________________________________________

DATE                      : 14/12/2005

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Microsoft Internet Explorer.

======================================================================

             Technical Cyber Security Alert TA05-347A

            Microsoft Internet Explorer Vulnerabilities

    Original release date: December 13, 2005
    Last revised: --
    Source: US-CERT

Systems Affected

      * Microsoft Windows
      * Microsoft Internet Explorer

    For more complete information, refer to the Microsoft Security
    Bulletin Summary for December 2005.

Overview

    Microsoft has released updates that address critical vulnerabilities
    in Internet Explorer (IE). A remote, unauthenticated attacker could
    exploit these vulnerabilities to execute arbitrary code or cause a
    denial of service on an affected system.

I. Description

    The Microsoft Security Bulletins for December 2005 address
    vulnerabilities in Microsoft Windows and Internet Explorer. By
    convincing a user to view a specially crafted HTML document, such as a
    web page or an HTML email message or attachment, an attacker could
    execute arbitrary code with the privileges of that user. The attacker
    could also crash IE, or any other program that embeds the IE
    WebBrowser control to render HTML.

    Further information is available in the following US-CERT
    Vulnerability Notes:

    VU#887861 - Microsoft Internet Explorer vulnerable to code execution
    via mismatched DOM objects

    Microsoft Internet Explorer fails to properly handle requests to
    mismatched DOM objects, which may allow a remote attacker to execute
    arbitrary code on a vulnerable system.
    (CVE-2005-1790)

    VU#959049 - Several COM objects cause memory corruption in Microsoft
    Internet Explorer

    Microsoft Internet Explorer allows instantiation of COM objects not
    designed for use in the browser, which may allow an attacker to
    execute arbitrary code or crash IE.
    (CVE-2005-2127)

II. Impact

    A remote, unauthenticated attacker exploiting these vulnerabilities
    could execute arbitrary code with the privileges of the user. If the
    user is logged on with administrative privileges, the attacker could
    take complete control of an affected system or cause a denial of
    service.

III. Solution

Apply Updates

    Microsoft has provided the updates for these and other vulnerabilities
    in the December 2005 Security Bulletins and on the Microsoft Update
    site.

Disable ActiveX

    Disable ActiveX in the Internet Zone to further protect against the
    vulnerabilities described in VU#959049 and VU#680526 (see Appendix A).
    Instructions for disabling ActiveX are available in the CERT/CC
    Malicious Web Scripts FAQ. Note that disabling ActiveX will reduce the
    functionality of some web sites.

    The updates provided by MS05-037, MS05-038, MS05-052, and MS05-054
    block instantiation of the COM objects known to be vulnerable;
    however, other unsafe COM objects may remain reachable from IE, which
    is why disabling ActiveX in the Internet Zone is still recommended.
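    The two mitigations above map onto two registry mechanisms: the
    Internet Zone URL action 1200 ("Run ActiveX controls and plug-ins",
    0 = enable, 1 = prompt, 3 = disable) under
    HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3,
    and the per-control "kill bit" (Compatibility Flags = 0x400) under
    HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CLSID},
    which is how the bulletins block a COM object from being instantiated
    in IE. The following script is an added example, not part of the
    US-CERT or CERT-Renater advisory: it audits an exported .reg file for
    both settings so that registry exports collected from many hosts can
    be checked offline. The sample export and the CLSIDs in it are
    constructed placeholders, not the controls covered by the bulletins.

```python
import re
from typing import Dict, List

# Constructed sample .reg export (not taken from a real host). The CLSIDs
# are hypothetical placeholders, not the COM objects named in MS05-054.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"DisplayName"="Internet"
"1200"=dword:00000000
"1400"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-000000000001}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-000000000002}]
"Compatibility Flags"=dword:00000000
"""

# Same export with ActiveX disabled in the Internet Zone (URL action 1200 = 3).
HARDENED_REG = SAMPLE_REG.replace('"1200"=dword:00000000', '"1200"=dword:00000003')

ZONE3_KEY = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3"
ACTIVEX_COMPAT_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility"
URLACTION_ACTIVEX_RUN = "1200"           # "Run ActiveX controls and plug-ins"
URLPOLICY = {0: "enable", 1: "prompt", 3: "disable"}
KILL_BIT = 0x400                         # Compatibility Flags bit: never instantiate in IE


def parse_reg(text: str) -> Dict[str, Dict[str, int]]:
    """Collect the dword values of a .reg export as {key_lower: {name: int}}.

    Registry key names are case-insensitive, so keys are lower-cased.
    String and hex values are ignored; dwords are all the audit needs."""
    keys: Dict[str, Dict[str, int]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].lower()
            keys.setdefault(current, {})
            continue
        m = re.match(r'"([^"]+)"=dword:([0-9a-fA-F]{8})$', line)
        if m and current is not None:
            keys[current][m.group(1)] = int(m.group(2), 16)
    return keys


def activex_policy_in_internet_zone(keys: Dict[str, Dict[str, int]]) -> str:
    """Return enable/prompt/disable for URL action 1200 in zone 3.

    An absent value means the host relies on the zone template default."""
    value = keys.get(ZONE3_KEY.lower(), {}).get(URLACTION_ACTIVEX_RUN)
    if value is None:
        return "unset"
    return URLPOLICY.get(value, "unknown(%d)" % value)


def kill_bit_set(keys: Dict[str, Dict[str, int]], clsid: str) -> bool:
    """True if the kill bit is set for the given {CLSID}."""
    key = (ACTIVEX_COMPAT_KEY + "\\" + clsid).lower()
    flags = keys.get(key, {}).get("Compatibility Flags", 0)
    return bool(flags & KILL_BIT)


def audit(reg_text: str, clsids: List[str]) -> Dict[str, object]:
    """Audit one export: zone-3 ActiveX policy plus CLSIDs lacking a kill bit."""
    keys = parse_reg(reg_text)
    return {
        "activex_internet_zone": activex_policy_in_internet_zone(keys),
        "unkilled": [c for c in clsids if not kill_bit_set(keys, c)],
    }


if __name__ == "__main__":
    watch = ["{00000000-0000-0000-0000-000000000001}",
             "{00000000-0000-0000-0000-000000000002}"]
    for label, reg in (("default", SAMPLE_REG), ("hardened", HARDENED_REG)):
        print(label, audit(reg, watch))
```

    Feed it `reg export` output for HKCU\...\Zones\3 and HKLM\...\ActiveX
    Compatibility, with the CLSIDs from the relevant bulletin in `watch`;
    an "enable" policy or a non-empty `unkilled` list is a finding. Kill
    bits only stop IE from instantiating a control, so they do not fix the
    underlying bug in the object itself; the "disable" zone policy is the
    broader control and catches objects no bulletin has named yet.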

Appendix A. References

      * Microsoft Security Bulletin Summary for December 2005 -
        <http://www.microsoft.com/technet/security/bulletin/ms05-dec.mspx>

      * Microsoft Security Bulletin MS05-054 -
        <http://www.microsoft.com/technet/security/bulletin/MS05-054.mspx>

      * Microsoft Security Bulletin MS05-052 -
        <http://www.microsoft.com/technet/security/bulletin/MS05-052.mspx>

      * Microsoft Security Bulletin MS05-038 -
        <http://www.microsoft.com/technet/security/bulletin/MS05-038.mspx>

      * Microsoft Security Bulletin MS05-037 -
        <http://www.microsoft.com/technet/security/bulletin/MS05-037.mspx>

      * US-CERT Vulnerability Note VU#887861 -
        <http://www.kb.cert.org/vuls/id/887861>

      * US-CERT Vulnerability Note VU#959049 -
        <http://www.kb.cert.org/vuls/id/959049>

      * US-CERT Vulnerability Note VU#680526 -
        <http://www.kb.cert.org/vuls/id/680526>

      * CVE-2005-1790 -
        <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1790>

      * CVE-2005-2127 -
        <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2127>

      * CERT/CC Malicious Web Scripts FAQ -
        <http://www.cert.org/tech_tips/malicious_code_FAQ.html#ie56>

      * Improve the safety of your browsing and e-mail activities -
        <http://www.microsoft.com/athome/security/online/browsing_safety.mspx>

      * Security Essentials -
        <http://www.microsoft.com/athome/security/protect/default.aspx>

      * Microsoft Update - <https://update.microsoft.com/microsoftupdate>

      _________________________________________________________________


    The most recent version of this document can be found at:

      <http://www.us-cert.gov/cas/techalerts/TA05-347A.html>

      _________________________________________________________________


    Feedback can be directed to US-CERT Technical Staff. Please send
    email to <cert@cert.org> with "TA05-347A Feedback VU#887861" in the
    subject.

      _________________________________________________________________

    For instructions on subscribing to or unsubscribing from this
    mailing list, visit <http://www.us-cert.gov/cas/signup.html>.

      _________________________________________________________________


    Produced 2005 by US-CERT, a government organization.

    Terms of use:

      <http://www.us-cert.gov/legal.html>

      _________________________________________________________________


    Revision History

    December 13, 2005: Initial release

======================================================================

          =========================================================
          CERT-Renater reference servers
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================


