HTML Help File Code Execution Vulnerability
A security vulnerability exists in the HTML Help facility that ships with Microsoft® Internet Explorer which could allow a malicious web site to take inappropriate action on the computer of a visiting user.
Issue
The HTML Help facility provides the ability to launch code via shortcuts included in HTML Help files. If a compiled HTML Help (.chm) file were referenced by a malicious web site, it could potentially be used to launch code on a visiting user's computer without the user's approval. Such code could take any actions that the user could take, including adding, changing or deleting data, or communicating with a remote web site.
A web site could only invoke an HTML Help file if it resided on a UNC share accessible from the user's machine, or on the user's machine itself. A firewall that blocks NetBIOS would prevent the former case from being exploited. Adhering to standard security practices would prevent the latter. In addition, an HTML Help file could only be invoked if Active Scripting were permitted in the Security Zone in which the malicious user's site resides. The patch eliminates the vulnerability by only allowing an HTML Help file to use shortcuts if the help file resides on the local machine.
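The rule the patch enforces (shortcuts honored only when the help file is on the local machine) can be sketched as a location check; this is an added example, not Microsoft's code or the patch's implementation. The function names, the sample references and the handling of the `ms-its:` and `mk:@MSITStore:` prefixes are assumptions of this example, and a drive letter is treated as local even though it could be a mapped network share.

```python
import re
from urllib.parse import urlsplit

# Assumption: HTML Help protocol prefixes that can precede a .chm location.
HELP_PREFIXES = ("ms-its:", "mk:@msitstore:")

def help_file_location(ref: str) -> str:
    """Classify a .chm reference as 'local', 'unc', 'remote-url' or 'unknown'."""
    s = ref.strip()
    for prefix in HELP_PREFIXES:
        if s.lower().startswith(prefix):
            s = s[len(prefix):]
            break
    # Drop the in-archive topic part, e.g. "::/index.htm".
    s = re.split(r"(?i)(?<=\.chm)::", s, maxsplit=1)[0]
    if re.match(r"(?i)^(https?|ftp)://", s):
        return "remote-url"
    if s.lower().startswith("file:"):
        u = urlsplit(s.replace("\\", "/"))
        # file://server/share/... and file:////server/share/... both name a share.
        if u.netloc.lower() not in ("", "localhost") or u.path.startswith("//"):
            return "unc"
        return "local"
    p = s.replace("/", "\\")
    if p.upper().startswith("\\\\?\\UNC\\"):
        return "unc"                      # \\?\UNC\server\share\...
    if p.startswith("\\\\?\\"):
        p = p[4:]                         # \\?\C:\... -> C:\...
    elif p.startswith("\\\\"):
        return "unc"                      # \\server\share\...
    # Assumption: a drive letter means local disk. A mapped network drive looks
    # the same as a string; a real check would also query the drive type.
    if re.match(r"^[A-Za-z]:\\", p):
        return "local"
    return "unknown"

def shortcuts_allowed(ref: str) -> bool:
    """Policy from the advisory: shortcuts only for help files on the local machine."""
    return help_file_location(ref) == "local"

# Constructed sample references, not taken from the advisory.
SAMPLES = [
    r"ms-its:C:\WINNT\Help\app.chm::/index.htm", r"\\fileserver\share\app.chm",
    r"mk:@MSITStore:\\fileserver\share\app.chm::/index.htm",
    "file://fileserver/share/app.chm", "http://example.test/app.chm",
]

for ref in SAMPLES:
    print(f"{help_file_location(ref):10}  shortcuts={shortcuts_allowed(ref)}  {ref}")
```

Anything classified as `unknown`, such as a relative path, is denied along with UNC and URL locations, so the check fails closed.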
Affected Products
- Internet Explorer 4.0, 4.01, 5.0 and 5.01
Solution
Software patches are available from the following locations:
- Internet Explorer 4.0, 4.01, 5.0, or 5.01 running on Windows 95, 98, 98SE, or Windows NT 4.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=21705
- Internet Explorer 5.01 on Windows 2000:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=21706
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: June 2, 2000