Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

CMDExe

The link below will take you to a test that will help determine if you have the Remote Access / Remote Command Execution flaw.

Remote Access / Remote Command Execution Test Visit our Remote Access Testing page to check now [Link Down]

*this will open up a new window that should close itself once the test starts.

What is CMDExe, IE Command Execution Vulnerability

Microsoft issued a patch that fixes the IE Command Execution Vulnerability; use their free update tool.

This Exploit allowed remote code execution with parameters, a most serious vulnerability! This would make possible the ability to execute a whole host of commands including shutting down your firewall, executing administrative programs and installing malware from the internet.

IE Command Execution – Vulnerable Systems

The following systems are reported to be vulnerable:
– Fully patched systems running Microsoft Windows XP (SP2) w Internet Explorer 6 or higher.
– Fully patched systems running Microsoft Windows Server 2003 w Internet Explorer 6 or higher.

How Remote Command Execution Works- CMDExe

This new IE Command Execution Vulnerability takes advantage in flaws uncovered in the HTML Help control. By using the local privileges of the Windows Help file, Malware can be installed and executed from any site on the internet.

CMDExe – Security Patch

You can now install a patch to fix this problem. Before the patch, the only way to protect yourself was by disabling ActiveX support, here’s how:

Disable Active Scripting – Internet Explorer 3.x:
a. On the View menu, click Options, click the Security tab, and then click to clear the Run ActiveX Scripts check box under Active Content.
b. Click OK.

Disable Active Scripting – Internet Explorer 4.x:
a. On the View menu, click Internet Options, click the Security tab, click the Internet Web content zone, click Custom (for expert users), and then click Settings.
b. Scroll down to the Scripting section, click Disable under Scripting of Java applets and Active scripting, click OK, and then click OK again.

Disable Active Scripting – Internet Explorer 5.0, 5.01, 5.5, 6x
a. On the Tools menu, click Internet Options, click the Security tab, click the Internet Web content zone, and then click Custom Level.
b. In the Settings box, scroll down to the Scripting section, and click Disable under Active scripting and Scripting of Java applets.
c. Click OK, and then click OK again.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *