Intrusion Prevention

MS.IE.HTA.File.Execution

Description

This indicates an attempt to exploit an arbitrary code execution vulnerability in Microsoft Internet Explorer 6.0.
The vulnerability is caused by an error when the vulnerable software handles a malicious link to an SMB file share. It allows a remote attacker to execute arbitrary code when a victim opens the link.

Affected Products

Internet Explorer 6.0 and earlier versions
Microsoft Internet Explorer 6.0 SP1
Microsoft Internet Explorer 6.0
Microsoft Internet Explorer 5.0.1 SP1-SP4
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 5.0

Impact

System Compromise: remote code execution.
Denial of Service.

Recommended Actions

Microsoft has released a critical update that fixes this vulnerability. Please install the the patch in the Microsoft Security Bulletin MS06-042 on all vulnerable machines.
Do not visit sites of questionable integrity or follow links provided by unfamiliar or untrusted sources.
Disable the execution of script code or active content in your web browser.
Do not accept, view or execute files from untrusted or unknown sources.

CVE References

CVE-2006-3281 CVE-2006-3280