Archive

Archive for the ‘Vulnerability’ Category

Microsoft KB2501696 MHTML Vulnerability Test and Quick Fix Workaround – Group Policy Friendly

January 31st, 2011 5 comments

All Microsoft platforms since Windows XP SP3 are affected with this pretty nasty vulnerability. Referencing KB2501696 shows that this bug is caused by the way Windows handles MHTML documents. Internet Explorer is not the one at fault here, this is a Windows bug, however IE will be the attack vector for anyone wanting to take advantage of this flaw (and they will).

First off, to see if you are affected, follow this test link using Internet Explorer. If you get a popup box saying you are affected, then you should apply this fix right away. Also, make sure you are using Internet Explorer since most other browsers do not use the Windows MHTML libraries.

Microsoft gives a lame “FixIt” MSI that is not very GPO friendly. So I went out and wrote my own fix for it. It’s a batch script that you can run locally on a single computer or deploy as a “startup/shutdown script” in Group Policy without any edits needed. It is also compatible with x86 and x64 bit machines. Copy the following into your favorite text editor and give it a “.cmd” extension.

You can also click here to download it. Comment below and let me know how this works for you or if you have any other questions/comments/improvements!

Thanks!

Categories: How To, Malware, MHTML, Security, Vulnerability Tags: