Introduction

In today's world you're not even safe when you’re crossing the street at 2PM on a weekday. You can't look at someone the wrong way, you can't accidentally stumble into someone, and in some countries you can't even speak your mind: if you do, the consequences are deadly. It's no different on the Internet.

For the average home user running Windows 9x, ME, 2000, or XP, it's nearly impossible to keep up with the constant bug fixes for all of your applications. Obviously, the safest way to run your computer would be to never connect to the Internet at all, but what kind of a boring life would that be?

Over the last couple of days I've spent many an hour scouring the 'net for patches, bug fixes, and updates for my Windows 2000 web server running IIS 5, because that's where I'd be most vulnerable, right? Well apparently not. I was reading a new post the other day that linked to this site. What I found on that site shocked me.

Apparently Microsoft were in a little bit of a rush to get Internet Explorer 6 out the door and forgot to take that extra bit of time to debug and test it for security cracks and holes... naughty naughty.

If you're wondering how the heck a browser can be hacked, then please allow me to explain. Firstly, Microsoft's implementation of client side JScript (Microsofts version of JavaScript) exposes some simple security flaws that allow us to use common JScript functions such as document.open and document.write to spoof another site, steal cookies, and more worryingly physically read existing files on a users machine... all through one or two lines of code.

Unfortunately, if you're using the standard version of Internet Explorer 6 then you're not safe. I've tested some code snippets with both IE6 version 6.0.2479.0006 and version 6.0.2600.0000 and both were prone to the flaws. Think of the consequences of someone being able to manipulate your local files from a remote location.

I guess this bring up the question "Is IE6 really worth it?". Considering that there are several other browsers available for free (such as Netscape 6 and Opera 5, both of which do a great job of rendering pages closely to the W3C standards), is it worth sacrificing the integrity and security of your system just to get a couple of Internet Explorer 6 options such as smart tags? /me thinks not.

Being a seasoned JavaScript programmer myself, I was curious as to how these holes could be exploited. If you visit osioniusx.com/ then you'll see a complete list of coding examples and methods used to exploit these holes. Their examples and info are great, but I wanted to actually create a couple of HTML pages to show you just how severe the holes are.

[Note] This article was not designed to encourage hacking or anything of that nature. I wrote this article because I feel that the general public have a right to know whether or not certain actions they take might compromise their data or the security of their personal computers.

By continuing to read this article you are acknowledging that if any of the code samples described in this article compromise the security of your system in any way, then the only person who can be held responsible is you. [End Note]

Read More...