[13974] in bugtraq
MS signed software privileges
daemon@ATHENA.MIT.EDU (cuartango@TELELINE.ES)
Tue Feb 22 22:37:33 2000
Message-Id: <20000222163538.6862.qmail@securityfocus.com>
Date: Tue, 22 Feb 2000 16:35:38 -0000
Reply-To: cuartango@TELELINE.ES
From: cuartango@TELELINE.ES
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
I would like to clarify some aspects from the Elias post
regarding Microsoft signed software.
The fact that anybody could install MS signed software
using Active Setup component is not very important.
The issue is: MS can silently execute any code in our
Windows systems just using their signature.
MS has privileged their code: even if your IE security
setting "Download signed ActiveX" is set to prompt, MS
software will be installed without prompting the user.
It seems that MS has left a back door that will allow them
to perform any action in the Windows systems just visiting
a WEB page or opening an e-mail message.
I have prepared a demo at:
http://www.angelfire.com/ab/juan123/iengine.html
This demo shows the different behaviour of IE when the
ActiveX is signed by MS or signed by others.
This issue opens a big security and privacy hole, MS can
take complete control over our systems using this backdoor.
Is this backdoor acceptable?
In my opinion it is not. I have worked 18 years for
different OS software manufacturers and I have never
installed one line of code without a previous user approval.