Recent Posts

Community

Email Notifications

Personal Links

Archives

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

Microsoft Security Advisory 2501696 - Windows Script Injection Vulnerability

While the MHTML protocol is not often seen, it could be used in new attacks until this vulnerability is patched.  Please be careful if you encounter this and ensure there is a legitimate and safe use of this special protocol.

Microsoft Warns of Windows Script Injection Vulnerability
http://blogs.pcmag.com/securitywatch/2011/01/microsoft_warns_of_windows_scr.php
http://www.microsoft.com/technet/security/advisory/2501696.mspx

QUOTE: Microsoft tonight released a security advisory for a publicly-disclosed vulnerability in all versions of Windows. Security Advisory 2501696 describes a bug in the MHTML handler in Windows which could lead to information disclosure.  MHTML (MIME Encapsulation of Aggregate HTML) encapsulates HTML in a MIME structure. MIME (Multipurpose Internet Mail Extensions) is a data format for encapsulating more complex binary structures in a text-only format. Windows includes a pluggable protocol handler (MHTML:) that allows applications to render MHTML structures. Internet Explorer is one of these and it can be abused to exploit the bug in the context of a web page, causing script to be executed. The user would have click a link to an MHTML:// document.