Unofficial fix for Internet Explorer MSDDS vulnerability
8/19/2005
A French "security" company that sells security solutions has released to the
public a fully functional "proof-of-concept" zero-day exploit that attacks an
Internet Explorer ActiveX vulnerability. Microsoft has not had a chance to
release a patch yet, and the next normal update cycle isn't due until
9/13/2005, three weeks from now. For the time being, Microsoft has issued some
temporary workarounds, and one of the better options is to keep the MSDDS
ActiveX control from loading in Internet Explorer in the first place.
According to Microsoft, this particular method has no adverse effects.
Unfortunately, it's a little hard to understand and you also have to read this
document on how to set the
kill-bit for ActiveX controls in Internet Explorer. To make it easier
on you, I'm going to provide the following scripts to help you automate this
simple yet effective lockdown that will protect you from this MSDDS zero-day exploit.
I also provide a script to re-enable MSDDS so that you can undo the kill-bit
script.
Disclaimer: I take no responsibility for any problems you might
have with the following script. If you use it, you take full
responsibility for it.
Kill_MSDDS.vbs:
This script will give you temporary protection against this zero-day exploit.
Permit_MSDDS.vbs:
This script will re-enable MSDDS. It should be safe to do this after
Microsoft releases the official patch.
As always, you should inspect any script before you run it. You can run these
scripts on
individual PCs or you can deploy them throughout an enterprise with logon
scripts or Active Directory group policies.
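
The kill-bit lockdown described above, sketched in PowerShell as an added example; it is not the author's Kill_MSDDS.vbs or Permit_MSDDS.vbs. The `$Clsid` default is a placeholder (this page does not give the MSDDS CLSID, so take it from Microsoft's advisory), and the `-Action` parameter names are assumptions made for this sketch.

```powershell
# Added example, not the author's scripts. Run elevated: the keys live under HKLM.
param(
    # Placeholder only: pass the MSDDS CLSID published in Microsoft's advisory.
    [string]$Clsid = '{00000000-0000-0000-0000-000000000000}',
    [ValidateSet('Kill', 'Permit', 'Check')]
    [string]$Action = 'Check'
)

# Bit in "Compatibility Flags" that tells IE never to instantiate the control.
$KillBit = 0x400

# Native registry view plus the 32-bit view read by 32-bit IE on 64-bit Windows.
$roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
) | Where-Object { Test-Path $_ }

foreach ($root in $roots) {
    $key = Join-Path $root $Clsid

    # Read the current flags first so other compatibility bits are preserved.
    $flags = 0
    if (Test-Path $key) {
        $prop = Get-ItemProperty -Path $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
        if ($prop) { $flags = [int]$prop.'Compatibility Flags' }
    }

    switch ($Action) {
        'Kill' {
            # Create the per-CLSID key if needed, then set the kill bit.
            if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
            Set-ItemProperty -Path $key -Name 'Compatibility Flags' -Type DWord -Value ($flags -bor $KillBit)
        }
        'Permit' {
            # Clear only the kill bit; leave any other flags as they were.
            if (Test-Path $key) {
                Set-ItemProperty -Path $key -Name 'Compatibility Flags' -Type DWord -Value ($flags -band (-bnot $KillBit))
            }
        }
        'Check' {
            # Report state per registry view, for auditing a rollout.
            [pscustomobject]@{ Key = $key; KillBitSet = [bool]($flags -band $KillBit) }
        }
    }
}
```

Running it with `-Action Check` after a logon-script or group-policy rollout confirms that the bit is set in both registry views on each PC.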