Vulnerability Note VU#411516

Microsoft Windows kernel contains an exception handling vulnerability that can allow a remote attacker to execute arbitrary code with privileges of the local user. Exploitation of this vulnerability can occur if an attacker convinces a user to visit a specially crafted web site.

Microsoft's bulletin states that the following Windows operating systems are affected by this vulnerability:

• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Service Pack 1
• Microsoft Windows Server 2003 x64 Edition

A remote attacker who can successfully convince a user visit a specially crafted web site may be able to execute arbitrary code with privileges of the local user.

Apply an update
Microsoft has released updates in Microsoft Security Bulletin MS06-051 to address this issue.

Workarounds

Microsoft lists the following workarounds* for this vulnerability:

Disable active scripting in the My Computer zone.
Please see the Microsoft Security Bulletin MS06-051 for further details and cautions regarding use of the Registry Editor.

1. Click Start, click Run, type regedt32, and then click OK.
2. In Registry Editor, locate the following registry key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
3. Double click the DWORD Value: 1400.
4. The Edit DWORD value dialogue appears. The default value is 0. Change this value to value to 3.
5. Close and restart Internet Explorer.

Read e-mail messages in plain text format.
E-mail messages viewed in plain text will not contain pictures, special fonts, or other rich content.