1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

Where You Are

  1. Home
  2. Security
  3. Security Lab
  4. Latest Threats
  5. Vulnerability Descriptions
  6. SA15689

Microsoft Agent Trusted Internet Content Spoofing Vulnerability

Report ID: SA15689
Source: Secunia
Date of Discovery: 14.06.2005
Criticality: Important
Affects:
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows 98
Microsoft Windows 98 Second Edition
Microsoft Windows Millenium
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Compromise From: From remote
Compromise Type: Spoofing

Summary

A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to spoof certain information and potentially trick a user into installing a malicious program.

Detailed Description

A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to spoof certain information and potentially trick a user into installing a malicious program.

The vulnerability is caused due to an error in Microsoft Agent making it possible to spoof trusted Internet content (e.g. hide various security prompts by a Microsoft Agent character). This can be exploited to trick a user into believing that they are looking at trusted content when actually visiting a malicious web site.

Successful exploitation requires that a user visits a malicious web site.

Solution

Apply patches.

Microsoft Windows 2000 (requires SP3 or SP4):
http://www.microsoft.com/downloads/details.aspx?FamilyId=6A7DEE96-F693-4C50-896D-2365873245A9

Microsoft Windows XP (requires SP1 or SP2):
http://www.microsoft.com/downloads/details.aspx?FamilyId=F2247275-25F9-4937-97CD-9334135D6D79

Microsoft Windows XP 64-Bit Edition for Itanium (requires SP1):
http://www.microsoft.com/downloads/details.aspx?FamilyId=33E0A62D-395B-402C-A0A4-82E892E9B7AE

Microsoft Windows XP 64-Bit Edition Version 2003 for Itanium:
http://www.microsoft.com/downloads/details.aspx?FamilyId=9BA306DC-9C31-432B-91E0-B057C9C1EEAE

Microsoft Windows XP Professional x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=8C73D017-CF4F-49A3-9752-764F165F5B83

Microsoft Windows Server 2003:
http://www.microsoft.com/downloads/details.aspx?FamilyId=5B38AF7A-3054-4EFD-9007-E4EB3B57179E

Microsoft Windows Server 2003 for Itanium-based systems:
http://www.microsoft.com/downloads/details.aspx?FamilyId=EDFF8603-6352-4410-9258-54DF418CCA99

Microsoft Windows Server 2003 x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=AFF0FE48-AFE0-4E7A-9FB0-6CB7E8332D49

Microsoft Windows 98, Windows 98 SE, and Windows ME:
Microsoft will not release security updates for these versions of Windows.

CVE Reference

CVE-2005-1214