BitDefender informed that it had addressed the critical zero-day security flaw of Internet Explorer 7 and Internet Explorer 8 Beta 1 by issuing a signature update for its products. The Cross-Zone Scripting vulnerability in the browser's “Print Table of Links” feature was discovered by independent security researcher Aviv Raff, who also made public the attack code the past week. Microsoft was informed about the vulnerability but has so far failed to issue a patch in response.
The zero-day Cross-Zone Scripting vulnerability was proved to allow remote code execution in the eventuality of successful exploits targeting either IE7 or IE8 Beta 1 running on Windows XP. IE6 is also reportedly affected, although this detail has yet to be confirmed. When the vulnerability is exploited in IE7 or IE8 Beta 1 browsers running in Windows Vista with User Account Control enabled the risk is less severe, allowing only information disclosure.
“The exploitable vulnerability results from a combination of coding mistakes and sloppy security thinking,” commented BitDefender Innovations Product Manager Alexandru Balan. “The code has numerous bugs but it is also executed in a lower-security context than it should be and the combination opens a way for hackers to compromise a system.”
In the video, you will be able to see the vulnerability exploited in Internet Explorer 7 running on Windows XP. Printing a maliciously crafter web page with the “Print Table of Links” option checked results in the arbitrary code being executed on the compromised machines. In this case, the code simply runs Calculator but, at this stage, an attacker would be able to completely take over the box.