Microsoft recently released a security advisory for a certain vulnerability that affects all supported Microsoft Windows systems. The vulnerability specifically involves Internet Explorer and its impact is described to be similar to those of server-side cross-site scripting (XSS) vulnerabilities.
According to the security advisory, the bug is related to how MIME Encapsulation of Aggregate HTML (MHTML) interprets MIME-formatted requests. MHTML is basically the file format used to save entire Web pages, which includes actual page content, format, and others such as images and animations. Although no active attacks leveraging the said vulnerability has been found, the availability of the proof of concept (POC) to the public increases the chances that it will be maliciously used.
In a typical attack scenario, an attacker may convince a user through social engineering techniques to click a specially crafted link that injects a malicious script into the user’s instance of Internet Explorer. This then enables the attacker to execute certain routines such as altering content on the currently displayed site, to collect user information, or to even take action in the displayed site without the consent of the affected user.
The continued exploitation of vulnerabilities in OSs is just one of the Trend Micro threat predictions this year. 2011 is set to bring about growth in exploits for alternative OSs, programs, and Web browsers, combined with tremendous growth in the exploitation of application vulnerabilities.
Microsoft provided workarounds that users may implement while waiting for the patch to be released. Trend Micro, on the other hand, protects users from exploits that may arise through Deep Security and OfficeScan with Intrusion Defense Firewall (IDF) plug-in.