Secunia and FRSIRT announce IE vulnerability - Web View Folder Icon Integer Overflow
Note: despite all the headlines to the contrary, this is not an IE vulnerability, although IE is an exploit vector - it is a vulnerability in the Windows Shell.
Edit: MS Security Advisory here - patch due by October 10
http://www.microsoft.com/technet/security/advisory/926043.mspx
Secunia and FRSIRT have released information about a new IE vulnerability:
http://secunia.com/advisories/22159/
http://www.frsirt.com/english/advisories/2006/2882
My tests indicate that not only does the demonstration page crash Internet Explorer 7 on Windows XP if you allow the activex control to download and run, it also kills FrontPage until you reboot.... I must have spent half an hour trying to "fix" FrontPage until it occurred to me that the crash I was seeing, and the exploit, both affected the same functionality - Web Folders.
Note, the demonstration page does not work in IE7 on Vista even with Protected Mode turned off - the "Start Demo" button does not respond.
The error in FrontPage that I experienced after crashing IE7 using the exploit was "Cannot find stsnwi.dll" when trying to publish updates.
My skills are not sufficient to be able to tell you if the IE crash is sufficient to allow an exploit, or if it simply crashes IE. Somebody way smarter than me will need to study that. If I find out, I'll let you know.