14 DAY TRIAL // An attacker can take full control of both 32-bit and 64-bit editions of Windows Vista without any user interaction whatsoever. And yet again Microsoft's browser can function as a vector of attacks. There are no less than 4 vulnerabilities impacting the versions of Internet Explorer 7 that ship by default with Windows Vista. According to Microsoft, two of these flaws have been cataloged as having a Critical severity rating, while the remaining two have been labeled as important.
Both the Arbitrary File Rewrite and the Property Memory Corruption vulnerabilities affecting IE7 in Windows Vista will permit remote arbitrary code execution. "A remote code execution vulnerability exists in the way Internet Explorer handles a property method. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user viewed the Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system," reads Microsoft's description of the Property Memory Corruption vulnerability.
No user interaction is needed for a successful exploit via the Arbitrary File Rewrite vulnerability. "A remote code execution vulnerability exists in a media service component that was never supported in Internet Explorer. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user visited the Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system," Microsoft informed in relation to the Arbitrary File Rewrite flaw.
The COM Object Instantiation Memory Corruption and the HTML Objects Memory Corruption vulnerabilities are the additional two flaws rated as Important by Microsoft that exist in IE7 running on Vista. An attacker, in the eventuality of a successful exploit, can completely own a computer running Windows Vista.
All the mitigations that Microsoft has in place for Windows Vista, including the 64-bit editions of the operating system, as well as the extra barriers of security in IE7, amount to nothing in the case of the Arbitrary File Rewrite and the Property Memory Corruption vulnerabilities. Microsoft revealed that the vulnerabilities were both privately and publicly reported, but the Redmond Company did not warn of attacks against IE7 in Windows Vista.
A security patch is already in place and distributed via the automated update mechanism. Just make sure to update your copy of Windows. Additionally, you will be able to manually download the patch here, through Microsoft Security Bulletin MS07-027.