TUCoPS :: Browsers :: b06-1265.htm

Temporary workaround for IE createTextRange vulnerability
EEYE: Temporary workaround for IE createTextRange vulnerability
EEYE: Temporary workaround for IE createTextRange vulnerability



This is a multi-part message in MIME format.

------_=_NextPart_001_01C65200.61A15EDD
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

eEye Digital Security has created a temporary work around for the
current Internet Explorer zero day vulnerability within the IE
createTextRange functionality. 

This workaround has been created because currently there is no solution
from Microsoft other than the workaround to disable Active Scripting. We
have personally had requests from various customers and the community to
help provide a free solution in the case that companies and users are
not able to disable Active Scripting. The workaround we have created,
like ones before it, is experimental in a sense and should only be
installed if you are not able to use the safer mitigation of disabling
Active Scripting. 

The workaround is obviously free, and we do not require any registration
information to download it from the eEye website. 

Should you encounter any problems with the workaround or bugs please
send email to alerts@eeye.com with detailed information on the problem 
you experienced and we will work to fix any bugs in a timely fashion. We
will post updates to the website with version numbers and bug fixes
should they arise.

Obviously these things are experimental in nature but considering the
options of being vulnerable or at least having a fighting chance... Well
I think you get the point. Again this is just another mitigation option
until Microsoft releases their patch, which last was scheduled for April
11th or 16 days from now. 

For more information on the vulnerability and a link to download the
workaround please visit:
http://www.eeye.com/html/research/alerts/AL20060324.html 

Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9329
http://eEye.com/Blink - End-Point Vulnerability Prevention 
http://eEye.com/Retina - Network Security Scanner 
http://eEye.com/Iris - Network Traffic Analyzer 
http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities 

------_=_NextPart_001_01C65200.61A15EDD
Content-Type: application/ms-tnef;
	name="winmail.dat"
Content-Transfer-Encoding: base64

eJ8+IioAAQaQCAAEAAAAAAABAAEAAQeQBgAIAAAA5AQAAAAAAADoAAEIgAcAGAAAAElQTS5NaWNy
b3NvZnQgTWFpbC5Ob3RlADEIAQ2ABAACAAAAAgACAAEEgAEAQAAAAEVFWUU6IFRlbXBvcmFyeSB3
b3JrYXJvdW5kIGZvciBJRSBjcmVhdGVUZXh0UmFuZ2UgdnVsbmVyYWJpbGl0eQCWFwEFgAMADgAA
ANYHAwAbABAAKQAmAAEAWwEBIIADAA4AAADWBwMAGwAQACkAKQABAF4BAQmAAQAhAAAAODI2MzZD
MTBCMzVBODM0RkE0MThENTNENjE0QkYzRjIAGQcBA5AGADgLAAAvAAAACwACAAEAAAADACYAAAAA
AAMANgAAAAAAQAA5AIDhoV8AUsYBHgA9AAEAAAABAAAAAAAAAAIBRwABAAAAPAAAAGM9VVM7YT0g
O3A9ZUV5ZSBEaWdpdGFsIFNlYztsPUFWLU1BSUwwMS0wNjAzMjgwMDQxNDFaLTEwMjM5AB4AcAAB
AAAAQAAAAEVFWUU6IFRlbXBvcmFyeSB3b3JrYXJvdW5kIGZvciBJRSBjcmVhdGVUZXh0UmFuZ2Ug
dnVsbmVyYWJpbGl0eQACAXEAAQAAABYAAAABxlIAX5ounAEfchNIIpVZwOZ+ztC7AAAeABoMAQAA
AA4AAABNYXJjIE1haWZmcmV0AAAAHgAdDgEAAABAAAAARUVZRTogVGVtcG9yYXJ5IHdvcmthcm91
bmQgZm9yIElFIGNyZWF0ZVRleHRSYW5nZSB2dWxuZXJhYmlsaXR5AAIBCRABAAAAbgUAAGoFAADd
CAAATFpGdQJ8W2cDAAoAcmNwZzEyNeIyA0N0ZXgFQQEDAff/CoACpAPkBxMCgA/zAFAEVj8IVQey
ESUOUQMBAgBjaOEKwHNldDIGAAbDESX2MwRGE7cwEiwRMwjvCfe2OxgfDjA1ESIMYGMAUDMLCQFk
MzYWUAumIGUARXllIERpZ2kXAZADIAZgYwhxdHkgJxPgBCAFAGVhDrBkIORhIA6wbXAFsArAHjCa
dwWwax8AA2B1bh7w8wIQBcB0aB0gHeEYIAIwHCBJAjAEkRQgIEV4FwtQBbASgXoEkG8gZGJhHjB2
dWwh4B+AYj8DEB4SA/Ag0AuAIMNJRVUehVQOwVIAcGcdIGZxIFBjdGkCIAdAHhEu9wrjCoQKgFQk
UAQgH9IgJR0eUmIJ4R6HKPBjYXW7FBAhBmweMCDRGCAgJ9HqbiLgcwbwdSZCIIADYZ8F0A3gA2Ar
oAGAIG8q4u8gwQORINIoCXQi4QQAAaCqbB0gQSYxdh0gUwUDdQuAZybQVx0gE+AvsXB/BJAroCZx
KrET4B7wGCBx2QpQc3QEICwzdgrAJlD/KgAhATJQA3AxIR8ALpIg4j0DcG0gUB4SLsEg4Gxw8zEA
A2B2aQEAHwEDUAng/yuYJGUp4CoRLYEFQDSBCrD/AwAHkTQCKgEz0isRK3AFQN8vIy7PL9onsC37
dzClHpX0LCAj0GsdIAIgB5Eo8PsgkSshdD3wJ9EOwDERB3H/AjAdkSRhHxAUEACANgEgYfRzaAhg
bB7wAiAqsSjwnzcRMlAxcR7hBpAgeQhgrzlvKgIg0jqQZhKBbR1w/x1QHsAr8izgOmUwQTrvJt7z
Lfsn0W9iNdAzISqxNkJ3PfA0Aj0BZCLgObIyAmn/KxEAcB4wGCAdYDJQH4A21U8gkQDAK+M6Qm93
QdBvvzHRHXAsJCDSHPM9AGIAkPsOsCbcU0FkQxIJ8AWgIFDvIbFMAzWhOrFtJ+EkMS3O8QWxYnVn
BCALUB6wKhH/QLEe8B9AC3ADIDpBB0AEkO0yYEAJ4B0QLjSBUxQBAP8BkAMQQrJNOU2yIOFSlVFk
/z+jUbEe4jzUA/AxgB/EOkH4Zml4TANUk0BjJkAHgP9KIh5gJFACIDBzWzMfYDJQ/TkAcCMADrAE
IDpBLdNPxM9TFC+wFAAr8m51BtAzxv9UkVvyB5FBVSDRHjAy8RQQ+i4m+k9JxyDRN7MwQTlU+z+e
JnB0CHAdIFSQOBIAgfcEgUZyINJvMCFn4UXSKPD/RnIjRjrBBbE4AVTyBUAwwfdGcjYhHVBoMDIe
gC2RWoDuLmzQMIFbUUllYyAAQxJXJdAFQFkDbwuAdCbQQe9FcCRjJ9En0WozcTPxLST/RTpo4zkA
AjADESyIGCBU839fUSDgS9AxAB7AE9A98HfvJFAT0D4AaxJ3HmEE8CDgbmQjUB7hIJJBNaADETHm
MVNBBbExNiLyMnUrcPp3JtxGBbEEYCsSWC8jPf80Ah8QRmFbs04XLd1U5TXQDU/hOib0bBB0cDov
VC93f3AuVqYvbBBtvGwvGCAUEArAE9AvVjQoL0FMAdAwHDAzMvw0LoBCUEsdUCHgPeAm9L5NgNEF
0AtwASAYIHQm9KZDJFABECBIANBrRnL+TwEgDeAEkCb0HP8eAidVQC45NDkuM4jROd+B0A5QeISI
uIIAOX6rhvI1f/NCe9MtIhAgYC1Q6W6yIFYjW1AYIC+wcfH3AiCKz3/zUhQgC4AfEIyA/QfAdB/T
Hccv4ABwI3GOz+1/80ljYZCJVB+AhjIQwD0mcXkisZI/f/Mdw2VJtkkF8IyAUzpANYBrd8H/QHE4
4m2wmAOXQiNKOJIm9AJ9msAAAB4ANRABAAAARQAAADxBNjQxQ0VBRERCQUVBRTRDOTZGQzVCRjg1
NDY5NTI2OEUzQTVCNEBhdi1tYWlsMDEuY29ycC5pbnQtZWV5ZS5jb20+AAAAAAMAgBD/////HwDz
EAEAAACMAAAARQBFAFkARQAlADMAQQAgAFQAZQBtAHAAbwByAGEAcgB5ACAAdwBvAHIAawBhAHIA
bwB1AG4AZAAgAGYAbwByACAASQBFACAAYwByAGUAYQB0AGUAVABlAHgAdABSAGEAbgBnAGUAIAB2
AHUAbABuAGUAcgBhAGIAaQBsAGkAdAB5AC4ARQBNAEwAAAALAPYQAAAAAEAABzDdXqFhAFLGAUAA
CDBF6KphAFLGAQMA3j+fTgAAAwDxPwkEAAAeAPg/AQAAAA4AAABNYXJjIE1haWZmcmV0AAAAAgH5
PwEAAABuAAAAAAAAANynQMjAQhAatLkIACsv4YIBAAAAAAAAAC9PPUVFWUUgRElHSVRBTCBTRUNV
UklUWS9PVT1GSVJTVCBBRE1JTklTVFJBVElWRSBHUk9VUC9DTj1SRUNJUElFTlRTL0NOPU1NQUlG
RlJFVAAAAB4A+j8BAAAAFQAAAFN5c3RlbSBBZG1pbmlzdHJhdG9yAAAAAAIB+z8BAAAAHgAAAAAA
AADcp0DIwEIQGrS5CAArL+GCAQAAAAAAAAAuAAAAAwD9P+QEAAADABlAAAAAAAMAGkAAAAAAHgAw
QAEAAAAKAAAATU1BSUZGUkVUAAAAHgAxQAEAAAAKAAAATU1BSUZGUkVUAAAAHgA4QAEAAAAKAAAA
TU1BSUZGUkVUAAAAHgA5QAEAAAACAAAALgAAAAMAdkD/////AwAJWQEAAAALAIeBCCAGAAAAAADA
AAAAAAAARgAAAAAOhQAAAAAAAAMA64EIIAYAAAAAAMAAAAAAAABGAAAAAAGFAAAAAAAACwDwgQgg
BgAAAAAAwAAAAAAAAEYAAAAAA4UAAAAAAAADAPqBCCAGAAAAAADAAAAAAAAARgAAAAAQhQAAAAAA
AAMAAYIIIAYAAAAAAMAAAAAAAABGAAAAABiFAAAAAAAACwAgggggBgAAAAAAwAAAAAAAAEYAAAAA
BoUAAAAAAAALACGCCCAGAAAAAADAAAAAAAAARgAAAACChQAAAAAAAAsAKQAAAAAACwAjAAAAAAAD
AAYQHemSVQMABxAsBgAAAwAQEAAAAAADABEQAAAAAB4ACBABAAAAZQAAAEVFWUVESUdJVEFMU0VD
VVJJVFlIQVNDUkVBVEVEQVRFTVBPUkFSWVdPUktBUk9VTkRGT1JUSEVDVVJSRU5USU5URVJORVRF
WFBMT1JFUlpFUk9EQVlWVUxORVJBQklMSVRZV0kAAAAAAgF/AAEAAABFAAAAPEE2NDFDRUFEREJB
RUFFNEM5NkZDNUJGODU0Njk1MjY4RTNBNUI0QGF2LW1haWwwMS5jb3JwLmludC1lZXllLmNvbT4A
AAAAowc
------_=_NextPart_001_01C65200.61A15EDD--

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH