Microsoft Windows XP SP2 Malformed MHT File Bypass Limit Vulnerability

        Programs involved: Microsoft Windows XP SP2 program Description: Microsoft Windows XP SP2 malformed MHT file bypassing limitation vulnerability Details: Windows XP is a popular Windows operating system. Windows XP SP2 has problems handling MHtml files, and remote attackers can exploit this vulnerability to bypass the local computer zone to restrict arbitrary script execution. The http-equiv report allows the user to create a MHtml file containing a specially constructed Content-Location value that will be executed in the local computer security zone when Windows XP SP2 is executed, without using a restricted intranet domain. If the URL pointed to by Content-Location displays an intranet URL (such as 'news://malware/'), the restriction on the script code in the local computer area can be bypassed. Affected Systems: Microsoft Windows XP Professional SP2 Microsoft Windows XP Home SP2 Attack Method: The following programs (methods) may be offensive and are intended for security research and teaching purposes only. Users are at their own risk! The following test methods are available at [email protected] ([email protected]): http://www.malware.com/malware.sp2.zip Solution: Vendor Patch: Microsoft ------ --- Currently the vendor has not provided a patch or upgrade program. We recommend that users who use this software should pay attention to the manufacturer's homepage to get the latest version: http://www.microsoft.com/technet/security/