Microsoft Security Bulletin MS99-032 - Critical
Patch Available for "scriptlet.typelib/Eyedog" Vulnerability
Published: August 31, 1999 | Updated: March 21, 2003
Patch Availability Information Updated: March 21, 2003
Revised: October 12, 1999
Revised: September 02, 1999
Originally Posted: August 31, 1999
Microsoft has released a patch that eliminates security vulnerabilities in two ActiveX controls. The net effect of the vulnerabilities is that a web page could take unauthorized action against a person who visited it. Specifically, the web page would be able to do anything on the computer that the user could do.
Frequently asked questions regarding this vulnerability can be found at http://www.microsoft.com/technet/security/bulletin/fq99-032.mspx
This issue involves two ActiveX controls, scriptlet.typelib and Eyedog. These controls are not in any way related to each other; their only relationship is that both are incorrectly marked as "safe for scripting" and can therefore be called from Internet Explorer.
scriptlet.typelib is a control used by developers to generate Type Libraries for Windows Script Components. It is marked as "safe for scripting", but should not be because it allows local files to be created or modified. The patch removes the "safe for scripting" marking, thereby causing IE to request confirmation from the user before loading the control.
Eyedog is a control used by diagnostic software in Windows. It is marked as "safe for scripting", but should not be because it allows registry information to be queried and machine characteristics to be gathered. In addition, one of the control's methods is vulnerable to a buffer overrun attack. The patch sets the so-called "kill bit", which prevents it from loading within IE.
Affected Software Versions
- Microsoft Internet Explorer 4.0 and 5.0
- Eyedog Safe for Scripting Vulnerability: CAN-1999-0669
- Eyedog Buffer Overrun Vulnerability: CAN-1999-0670
- scriptlet.typelib Safe For Scripting Vulnerability: CVE-1999-0668
The patch is available at the following locations:
The patch is also available at the following alternative locations:
- Microsoft Windows 95 and 98:
- Microsoft Windows NT:
Please see the following references for more information related to this issue.
- Microsoft Security Bulletin MS99-032: Frequently Asked Questions,
- Microsoft Knowledge Base (KB) article 240308, Update Available for scriptlet.typelib/Eyedog Security Vulnerability,
- Microsoft Knowledge Base (KB) article 240797, How to Keep an ActiveX Control from Running in Internet Explorer,
- Microsoft Security web site,
Note It may take 24 hours from the original posting of this bulletin for the KB articles to be visible.
Obtaining Support on this Issue
This is a fully supported patch. Information on contacting Microsoft Technical Support is available at http://support.microsoft.com/contactussupport/?ws=support.
Microsoft acknowledges Georgi Guninski, independent consultant, for reporting the "scriptlet.typelib" vulnerability to us, and Shane Hird of Australia, Adrian O'Neill and Richard Smith for reporting the "Eyedog" vulnerability to us.
- August 31, 1999: Bulletin Created.
- September 02, 1999: Provided direct link to patch file for Windows 95 and 98 users.
- October 12, 1999: Updated to provide information on availability of patch via WindowsUpdate.
- V2.0 (March 21, 2003): Introduced versioning and updated patch availability information.
THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.
Built at 2014-04-16T02:39:51Z-07:00