• On The Insider: Judge Bans Real Housewives Sex Tape
advertisement
Click Here

eEye patch for the IE createTextRange() vulnerability

Download Now (936K)
Tested spyware free

Features

  • License:

    Free

  • Editor's Rating:

    Not rated

  • Average User Rating:

    1.5 stars (out of 2 votes) Rate it!

  • Downloads:

    2,835

  • Operating Systems:

    Windows Me, Windows NT, Windows XP, Windows 2000, Windows 98

  • Additional Requirements:

    Windows 98/Me/NT/2000/XP/2003 Server, Internet Explorer 5.01 or 6.0

  • Limitations:

    No limitations

  • Date Added:

    March 28, 2006

Publisher's description of eEye patch for the IE createTextRange() vulnerability

From eEye Digital Security:

CNET Editor's Note: Organizations should only install this patch if they are not able to disable Active Scripting as a means of mitigation.

eEye Digital Security is advising customers to the existence of exploit code that targets a critical security vulnerability in Microsoft Internet Explorer. The exploit pertains to an unpatched vulnerability that has been released on various public mailing lists.

This issue affects any Windows operating system running Internet Explorer versions 5.01 SP4 through 6.0 SP1. The vulnerability results from the method in which Internet Explorer handles HTML Objects. This flaw allows for remote code to be executed on the target system. If successfully exploited, an attacker will only have the rights of the currently logged on user. System Administrators should be careful to not use Administrator accounts for general system use.

There have been numerous reports of this vulnerability being used on various websites in attempts to install Spyware and remote control ""bot"" software for use in Distributed Denial of Service (DDoS) attacks.

The recommended action required to protect systems against this attack is to disable Active Scripting from within Internet Explorer.

Additionally, eEye Digital Security s Research Team has released a workaround for the vulnerability as a temporary measure for customers who have not yet installed Blink, eEye's host-based intrusion prevention solution. This workaround is not meant to replace the forthcoming Microsoft patch, rather it is intended as a temporary protection against this flaw.

See more CNET content tagged:
eEye Digital Security
Memeo Share
Share photos and videos directly to the desktop.
Download Now

More popular Operating Systems & Updates downloads

  1. 9,833 downloads 1. Windows 7
  2. 4,661 downloads 2. Windows XP Service Pack 3
  3. 3,349 downloads 3. Windows XP Media Center Edition
  4. 3,292 downloads 4. Microsoft Windows XP Service Pack 3
  5. 3,013 downloads 5. Microsoft DirectX
  6. See all Operating Systems & Updates downloads
Adobe Acrobat Professional
Compile different file types into one for easier sharing
Download Now

User reviews

Submit your review

Log in or create an account to submit your review for:

eEye patch for the IE createTextRange() vulnerability

ORLog in with your Facebook account
1. Rate this product:
(Mouse over the stars to rate this product and click to set your rating.)
2. One-line summary:(Summarize your review in one line. 10 characters minimum; required.)
0 of 55 characters
3. Pros:(Tell us what you like about this product. 10 characters minimum; required.)
0 of 250 characters
4. Cons:(Tell us what you don't like about this product. 10 characters minimum; required.)
0 of 250 characters
Bottom-line summary:(Explain to us in detail why you like or dislike the product, focusing your comments on the product's features and functionality, and your experience using the product. This field is optional.)
0 of 5000 characters

The posting of advertisements, profanity, or personal attacks are prohibited.
Click here to review our site terms of use.

Submit

You must be 13 years of age or older to submit personal information to CNET Networks. In compliance with the Children's Online Privacy Protection Act of 1998, CNET Networks does not accept name and e-mail address information from users who are under 13 years of age.

All submitted ratings and written comments become the sole property of CNET Networks, Inc. (CNET) and may be used at CNET Networks' sole discretion. Ratings and written comments are generally posted within two to four business days in batch groups, not in real time. However, CNET Networks reserves the right to remove or refuse to post any submission for any reason. You acknowledge that you, not CNET Networks, are responsible for the contents of your submission.

CNET Networks is not responsible for the content of the publisher's descriptions or user reviews on this site. We encourage you to determine whether this product or your intended use is legal. We do not encourage or condone the use of any software in violation of applicable laws. CNET Download.com does not sell, resell, or license any of the products listed on the site. We cannot be held liable for issues that arise from the download or use of these products.

advertisement
download
Site map
Help center
Our software policies
Newsletters
Submit software
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET