In today’s Patch Tuesday release, Microsoft issued two security updates, one of which was deemed “critical.” That one, MS05-054, is a cumulative patch for Internet Explorer which provides four fixes, including one for a bug that permitted drive-by malicious downloads. Microsoft did not, however, fix the cross site scripting flaw that had briefly exposed Google Desktop until Google did a workaround.
Nate Mook at BetaNews:
Internet Explorer is not having a good week. After the discovery of an unpatched flaw in the ubiquitous Web browser and code to exploit it prompted Microsoft to issue a public advisory, a new vulnerability has been found that puts users of Google Desktop at risk — even if they are running a fully patched system.
Uncovered by Israeli hacker Matan Gillon, the security hole involves a problem with the way IE imports cascading style sheets (CSS) from other Web sites, a technique referred to as cross site scripting (XSS). IE will import any type of file with a bracket, regardless of whether or not it’s valid CSS.
By combining the flaw with Google’s Desktop Search, a malicious Web site could read personal data off a visitor’s machine.
The vulnerability could extend beyond Google Desktop Search, however, to any service or application that relies on cross-domain security policies within Internet Explorer.
The exploit affects IE6 on Windows XP SP2 with all patches installed. Mozilla’s Firefox is not affected, nor is Opera, “because it doesn’t support the styleSheets collection,” said Gillon.
More by following the link