Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

IE 8 browser can be abused by hackers to launch cross-site scripting attacks

Add to     Digg this story Digg this

April 20, 2010

Click here to order the best dedicated server and at a great price.

It has just been discovered that the cross-site scripting filter that already ships with Microsoft’s Internet Explorer 8 browser can be severely abused by potential hackers to launch cross-site scripting attacks on Web sites that would otherwise be immune to this specific threat.

The security flaw also causes other issues at several high-profile websites, including Microsoft’s own, Google, Wikipedia, Twitter and just about any site that lets IE 8 users create profiles.

Microsoft added the anti-XSS feature in IE 8 in August 2009 to detect Type-1 attacks that can lead to cookie theft, keystroke logging, website defacement and credentials theft.

But as the researchers discovered, Microsoft’s filters work by scanning outbound requests for strings that may be malicious in nature.

When such a malicious string is detected, IE 8 will dynamically generate a regular expression matching the outbound string. The browser then looks for the same pattern in responses from the server. If a match is made anywhere in the server’s response then the browser assumes that a reflected XSS attack is being conducted and the browser will automatically alter the response so that the XSS attack will be unsuccessful to whomever initiated it.

The exact method used to alter a server’s response is a crucial component in preventing XSS attacks. If the attack is not properly neutralized then a malicious script may stil execute. On the other hand, it is also crucial that benign requests are not accidentally detected.

Security analysts figured out a way to use the IE 8’s altered response to conduct simple abuses and universal cross-site scripting attacks.

Jerry Bryant, a spokesman for Microsoft’s security response team, said that most of the security issues described were already fixed with the MS10-002 security patch, which was released for IE users earlier in February.

“Microsoft also added a defense-in-depth change (MS10-018) later in March to provide broader coverage for this type of attack scenario,” Bryant said.

But not all of the security issues have been fixed and the browser’s XSS filter is still introducing security risks on certain web sites.

Until this security hole is properly analyzed and carefully repaired, the researchers recommend the following server-side mitigations:

  • Filter all user-generated content so that, even if it is interpreted in a different context, it cannot execute.
  • Use site-wide anti-CSRF tokens that prevent any sort of XSS from being exploited in the first place.
  • Disable IE 8s filters using the response header opt-out mechanism. There are obvious pros and cons to doing this, so consider your options carefully. Despite the serious vulnerabilities discussed in this paper, the filters do go a long way towards protecting IE 8 users from traditional XSS attacks nevertheless. Obviously, once users have upgraded to the patched version we strongly suggest you keep the filters enabled.
  • End users running IE 8 should consider disabling the filters from within the browser until a comprehensive Microsoft patch is shipped later.
  • Microsoft's next 'Patch Tuesday' is only slated for May 11, so some IE 8 users are now hoping that nothing will happen until then abd that their systems will run normally.

    Add to     Digg this story Digg this

    Source: Microsoft.

    Save Internet's URL to the list of your favorite web sites in your Web browser by clicking here.

    Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.

    You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
    Google and all the others.

    Click here to order your Proxy Sentinel™ Internet security server today!

    Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
    Site optimized by Pagina+™
    Powered by Sun Hosting
    Search engine keywords by Rank for Sales
    Development platform by My Web Services
    Internet is listed in
    Global Business Listing

    | Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
    Copyright © Internet    Terms of use    Privacy agreement    Legal disclaimer

    Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.

    Get your Linux or Windows dedicated server today.

    The industry's best and most accurate tool to find out EXACTLY what your CORRECT keywords are. Click here to learn more.