Full Disclosure mailing list archives

Mozilla Firefox and Microsoft Internet Explorer stall when using workaround from MS06-020 or MS06-069


From: "Stefan Kanthak" <stefan.kanthak () nexgo de>
Date: Sun, 20 Jan 2013 14:01:15 +0100

Hi @ll,

the Microsoft security bulletins
<http://technet.microsoft.com/en-us/security/bulletin/ms06-020>
<http://technet.microsoft.com/en-us/security/bulletin/ms06-069>
show the following workaround to disable Macromedia Flash Player
with software restriction policies a.k.a. SAFER:

--- MS06-069.REG ---
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers]
"TransparentEnabled"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{2742f840-c2d8-4eb3-a486-0a9d0879f29f}]
"LastModified"=hex(b):10,c3,8a,19,c6,e3,c5,01
"Description"="Block Macromedia Flash"
"SaferFlags"=dword:00000000
"ItemData"=hex(2):25,77,69,6e,64,69,72,25,2f,73,79,73,74,65,6d,33,32,2f,6d,61,63,72,6f,6d,65,64,2f,66,6c,61,73,68,2f,2a,00

--- EOF ---

When this (or an equivalent) SAFER rule to block flash player
is set AND the flash player plugin/activex control is installed
and enabled in Mozilla Firefox or Microsoft Internet Explorer,
then both browsers stall or slow to a crawl as soon as a web page
which uses the flash player plugin/activex control is loaded.

Apparently both web browsers handle the return code(s) from the
denied loading of the flash player plugin/activex control wrong!

Tested with MSIE6 to MSIE9 on Windows XP to Windows 7,
and Mozilla Firefox 1x.x on Windows XP and Windows 7.

Stefan Kanthak

PS: Opera doesn't show this error!
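
Added example, not part of the original post: a short Python parser that decodes the .REG file quoted above, so an administrator auditing SAFER rules can see which path the `hex(2)` `ItemData` value blocks and when the rule was last modified. The function names are illustrative, and the meanings given for `TransparentEnabled` and for the level key `0` are the documented SAFER ones rather than anything stated in the post.

```python
import re
from datetime import datetime, timedelta, timezone
# The .REG text from the post, embedded so the example runs offline.
REG = r"""REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers]
"TransparentEnabled"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{2742f840-c2d8-4eb3-a486-0a9d0879f29f}]
"LastModified"=hex(b):10,c3,8a,19,c6,e3,c5,01
"Description"="Block Macromedia Flash"
"SaferFlags"=dword:00000000
"ItemData"=hex(2):25,77,69,6e,64,69,72,25,2f,73,79,73,74,65,6d,33,32,2f,6d,61,63,72,6f,6d,65,64,2f,66,6c,61,73,68,2f,2a,00
"""
SCOPE = {0: "no enforcement", 1: "all files except DLLs", 2: "all files including DLLs"}
LEVEL = {0: "Disallowed", 0x40000: "Unrestricted"}  # level id is the key name under CodeIdentifiers

def decode(raw):
    """Decode one REGEDIT4 value (hex(2) strings are ANSI in this format)."""
    if raw.startswith("dword:"):
        return int(raw[6:], 16)
    m = re.match(r"hex\((\w+)\):(.*)", raw)
    if not m:
        return raw.strip('"')              # plain REG_SZ
    data = bytes(int(b, 16) for b in m.group(2).split(","))
    if m.group(1) == "2":                  # REG_EXPAND_SZ
        return data.rstrip(b"\0").decode("cp1252")
    return int.from_bytes(data, "little")  # hex(b): REG_QWORD, here a FILETIME

def parse_reg(text):  # maps each [key] to {value name: decoded value}; no line continuations
    keys, cur = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            cur = keys.setdefault(line[1:-1], {})
        elif cur is not None and (m := re.match(r'"([^"]+)"=(.*)', line)):
            cur[m.group(1)] = decode(m.group(2))
    return keys

def safer_rules(text):
    """List SAFER path rules with level, enforcement scope, decoded path and timestamp."""
    keys, out = parse_reg(text), []
    scope = next(v["TransparentEnabled"] for k, v in keys.items() if k.endswith(r"\CodeIdentifiers"))
    for key, v in keys.items():
        if m := re.search(r"\\CodeIdentifiers\\(\d+)\\Paths\\", key):
            ts = datetime(1601, 1, 1, tzinfo=timezone.utc) + timedelta(microseconds=v["LastModified"] // 10)
            out.append({"level": LEVEL.get(int(m.group(1))), "scope": SCOPE[scope], "path": v["ItemData"], "modified": ts})
    return out

print(safer_rules(REG))
```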
