
Forum Thread: When clicking a link in PSI, it opens IE7 with Protected Mode OFF.

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
undelay When clicking a link in PSI, it opens IE7 with Protected Mode OFF.
Member 26th Nov, 2009 23:26
Ranking: 0
Posts: 25
User Since: 26th Nov, 2009
System Score: N/A
Location: N/A
In Vista HP SP2 with all my updates.

undelay RE: When clicking a link in PSI, it opens IE7 with Protected Mode OFF.
Member 27th Nov, 2009 14:57
Score: 0
Posts: 25
User Since: 26th Nov 2009
System Score: N/A
Location: N/A
Last edited on 27th Nov, 2009 15:07
AFFECTS:
Internet Explorer 7, possibly other versions; Windows Vista, possibly other versions.

IMPACT:
If a user of the PSI application opens a Secunia website link from within the application, and continues browsing afterwards, the user is exposed to threats from other web sites they may visit.

WORKAROUNDS:
1. Use Firefox or any other web browser as the default browser; or,
2. Always close the web browser window you use to view the pages at http://www.secunia.com/ after viewing materials linked from within the PSI application.

SOLUTION:
Secunia is looking into the problem. I received an email from them this morning (11/27/2009).
undelay RE: When clicking a link in PSI, it opens IE7 with Protected Mode OFF.
Member 27th Nov, 2009 22:13
Score: 0
Posts: 25
User Since: 26th Nov 2009
System Score: N/A
Location: N/A
Last edited on 27th Nov, 2009 22:15
I have not only duplicated this issue on other machines, but have another piece of information to add to what is above.

Previously, I noted a workaround related to links to Secunia from within the PSI application. I also noticed there are links to Microsoft websites in the PSI application.

Therefore, if you continue to use Internet Explorer as your default browser and visit ANY links from within the PSI application, make sure you close that browser window and do NOT use Internet Explorer with Protected Mode OFF for the purpose of visiting other websites.

I highly recommend you use Firefox as your default browser until this issue is fixed. Links to other vendor web sites may exist within the PSI application and sometimes those vendors use advertisements that could possibly be from compromised sources.
kep08 RE: When clicking a link in PSI, it opens IE7 with Protected Mode OFF.
Member 27th Nov, 2009 22:21
Score: 0
Posts: 3
User Since: 15th Apr 2008
System Score: 98%
Location: MA, US
Not good, I have this thread open in two windows: one is protected, one not...
Thanks for the heads up.
undelay RE: When clicking a link in PSI, it opens IE7 with Protected Mode OFF.
Member 27th Nov, 2009 22:31
Score: 0
Posts: 25
User Since: 26th Nov 2009
System Score: N/A
Location: N/A
And the concern is understandable.

Rest assured, the software development team is aware of this specific problem; I have an email from Secunia stating so. I am very interested in seeing how this plays out, what Threat Assessment this gets, and how fast a patch is released.

I stumbled on this by accident, and frankly, I'm as concerned as most of you probably are. However, Secunia is a company that takes security seriously and the fact this thread is still here should speak volumes to everyone.

I'm not trying to bash Secunia by anything I've done. I think it is important to note that the code for PSI comes from the corporate version and this is a situation where they will probably have to update two software applications, not just one. This will take some time, so in the meantime, share this with your friends and let them know that a workaround does exist.
kep08 RE: When clicking a link in PSI, it opens IE7 with Protected Mode OFF.
Member 27th Nov, 2009 23:14
Score: 0
Posts: 3
User Since: 15th Apr 2008
System Score: 98%
Location: MA, US
Last edited on 29th Nov, 2009 18:38
Let's hope for a quick fix.
I often "wonder" off to other places during times I'm doing any updating (and pretty much any other time;}
Keeping an eye on the Protected Mode wasn't something I was doing, but will in the future.
Thanks again for the heads up.
And a BIG thanks to Secunia for keeping us up to date on so many patches that would just go unnoted.

ps: Perhaps this means that PSI should be marked as insecure??

undelay RE: When clicking a link in PSI, it opens IE7 with Protected Mode OFF.
Member 27th Nov, 2009 23:21
Score: 0
Posts: 25
User Since: 26th Nov 2009
System Score: N/A
Location: N/A
Last edited on 28th Nov, 2009 00:14
At this point, I would say no. I do not code the application, so it could be that the vulnerability is within Windows itself, or in PSI. I'm not sure anyone knows right now.

How, you ask? It may be from the way the application requests are handled internally. For example, if this is due to the fact the application is Digitally Signed coupled with the program performing operations that may be deep within the system, it could be a problem with the Windows kernel itself, or some other thing like how a Microsoft API is working in the background.

That said, it looks like this may be something Secunia can fix within their program - but keep in mind I do not work for Secunia and I do not program other than basic HTML.

I look forward to this problem being resolved to the satisfaction of all of the customers Secunia has, paid and free.
undelay RE: When clicking a link in PSI, it opens IE7 with Protected Mode OFF.
Member 29th Nov, 2009 16:41
Score: 0
Posts: 25
User Since: 26th Nov 2009
System Score: N/A
Location: N/A
After discussion with some of my more computer literate friends, we have determined this is a Windows vulnerability. I really can't stress this enough, until this is patched, use Firefox as your default browser.
kep08 RE: When clicking a link in PSI, it opens IE7 with Protected Mode OFF.
Member 29th Nov, 2009 18:30
Score: 0
Posts: 3
User Since: 15th Apr 2008
System Score: 98%
Location: MA, US
Has anyone seen this with IE8?

This is most definitely a Windows problem NOT a Secunia problem as I see the same problem with other programs that need to "read" your system. (i.e. FileHippo)
undelay RE: When clicking a link in PSI, it opens IE7 with Protected Mode OFF.
Member 29th Nov, 2009 18:48
Score: 0
Posts: 25
User Since: 26th Nov 2009
System Score: N/A
Location: N/A
Correct. The Secunia PSI application is not vulnerable; it only demonstrates a vulnerability in Windows Vista and possibly Windows 7.
Anthony Wells RE: When clicking a link in PSI, it opens IE7 with Protected Mode OFF.
Expert Contributor 29th Nov, 2009 20:54
Score: 2384
Posts: 3,280
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 29th Nov, 2009 20:59
Not wishing to "over egg the pudding", whilst IE8 is "relatively" secure (when fully set), IE7** is currently showing a CAT4 (highly) critical attack vector as unpatched in "secure browsing", see SA 37448.

So be extra, extra careful out there.

Anthony

**edit: IE 6 is also vulnerable

--


It always seems impossible until it's done.
Nelson Mandela
undelay RE: When clicking a link in PSI, it opens IE7 with Protected Mode OFF.
Member 29th Nov, 2009 22:54
Score: 0
Posts: 25
User Since: 26th Nov 2009
System Score: N/A
Location: N/A
Thank you, Anthony, for reminding me of that. The problem that I have with using IE8 is that there is no way of verifying that Protected Mode is active when visiting any web sites. I have other issues with IE8, like it breaking some of my favorite sites, but I could live with that if I was assured Protected Mode was active, especially when visiting vendor sites like Yahoo, which has Flash advertisements from third party sources. With all of the vulnerabilities in Flash 10b, coupled with the fact the 10c update is problematic for many, this is a serious issue.

I have found another vulnerability in Internet Explorer and Windows Vista. I'm wondering whether any Windows OS is safe. For now, I will use Firefox to browse "new to me" web sites and play wait and see with fixes for these vulns.
Anthony Wells RE: When clicking a link in PSI, it opens IE7 with Protected Mode OFF.
Expert Contributor 29th Nov, 2009 23:27
Score: 2384
Posts: 3,280
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hello undelay,

Flash 10b.ocx is "insecure" and so a "potential" security risk and should be removed; updating to 10c.ocx is only a problem if you don't "close" and actually "exit" your browsers, PSI and all and every such things as Messenger(s), which use Flash ActiveX version, before you run the latest Flash installer.

The latest Flash 10 installers will remove the previous version, but not older versions, this way.

While I am not 100% paranoid, I think that running Firefox in Sandboxie** gives me great peace of mind ;)) Chrome's sandbox system is seemingly still "vulnerable" concerning plug-ins like Flash and Java.

Take care
Anthony

**not everybody's cup of tea!!

--


It always seems impossible until it's done.
Nelson Mandela
undelay RE: When clicking a link in PSI, it opens IE7 with Protected Mode OFF.
Member 29th Nov, 2009 23:35
Score: 0
Posts: 25
User Since: 26th Nov 2009
System Score: N/A
Location: N/A
I'm using SteadyState, which helps, but like some of the solutions you presented, it certainly is not for everyone.