Microsoft
Friday 2nd June, 2006 09:14
Nice to see they're doing something right. A vulnerability has been found in IE (shocking, I know) that will make the browser crash when you click on it. It looks like it's a stack buffer overflow in inetconn.dll, but it's most likely not exploitable because the DLL is compiled with /GS. There are no other interesting variables to overwrite between the buffer and the return address. It would probably be exploitable on older systems not compiled with /GS, but the code was added in XP SP2. Not only that, but it looks like it's already been fixed in IE7 (7.0.5346.5 on XP is apparently not vulnerable). It's bad that you can crash the browser, but it's good that it doesn't look like it can be used maliciously. Now if only they could sort out the memory leaks in IE7 Beta.
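Why /GS matters here, as an added example (not code from this post or from Microsoft): a simulated frame showing that a linear overwrite from the buffer has to cross the cookie before it reaches the return address, so the epilogue check fails first. The struct layout, the cookie value and the return address are constructed assumptions for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN 16

/* Simulated stack frame in the order the post describes: the buffer, then
   (with /GS) a cookie, then the saved return address. Not a real stack. */
struct frame {
    unsigned char buf[BUF_LEN];
    uint32_t cookie;
    uint32_t ret;
};

enum outcome { RETURNED_NORMALLY, COOKIE_MISMATCH_ABORT, RETURN_OVERWRITTEN };

/* Copy n input bytes into the frame starting at buf with no check against
   BUF_LEN (the bug), then run the function epilogue. */
enum outcome run_frame(const unsigned char *input, size_t n, int gs_enabled)
{
    const uint32_t process_cookie = 0x5A17C0DEu; /* constructed; random per process in practice */
    const uint32_t saved_ret = 0x00401000u;      /* constructed return address */
    struct frame f;

    memset(f.buf, 0, sizeof f.buf);
    f.cookie = process_cookie;
    f.ret = saved_ret;

    if (n > sizeof f)
        n = sizeof f;            /* keep the simulation inside the struct */
    memcpy(&f, input, n);        /* linear overwrite: buf -> cookie -> ret */

    /* /GS epilogue: compare the cookie before the return address is used. */
    if (gs_enabled && f.cookie != process_cookie)
        return COOKIE_MISMATCH_ABORT;
    return f.ret == saved_ret ? RETURNED_NORMALLY : RETURN_OVERWRITTEN;
}

int main(void)
{
    static const char *names[] = { "returned normally", "cookie mismatch, abort", "return address overwritten" };
    unsigned char input[sizeof(struct frame)];
    memset(input, 'A', sizeof input);
    for (size_t n = 8; n <= sizeof input; n += 8)
        printf("%2zu bytes: /GS off -> %s, /GS on -> %s\n", n,
               names[run_frame(input, n, 0)], names[run_frame(input, n, 1)]);
    return 0;
}
```

With the check enabled the oversized input ends in an abort, which is still a crash but not a controlled return.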