Data fuzzing - how to crash a browser

Internet Explorer just say no

I was fascinated to read over on The Register about a new security threat known as data fuzzing.

Basically the threat revolves around the principle that certain types of code, when contained or called from within a Web page, can clog up a Web browser sufficiently to cause it to freeze or crash.

Also known as packet fuzzing, the technique actually dates back to the days of the BBC Model B computer and Micronet, the online BT Prestel/EMAP public viewdata service for computer enthusiasts in the 1980s and early 1990s.

Pre-dating the Web by several years, Micronet took the principle of viewdata - essentially a teletext screen transmitted using a 1,200/75 bits per second modem (yes, you did read those rates correctly - Ed) - and extended it to allow the download of telesoftware to the computer concerned.

The problem was that a telesoftware download could be triggered automatically, so, if you were naughty, you could include a set of telesoftware download headers and lock the viewing computer into a constant cycle of download seeking.

On the BBC Model B, this effectively froze the computer, requiring a reboot of the machine, which took several minutes.

Anyway, El Reg says that data fuzzing was 'discovered' last month by security researcher HD Moore, who decided to write a simple program that would mangle the code found in Web pages and cause a browser crash.

The Reg newswire says that tracing the root causes of the crashes has resulted in the discovery of more than 50 flaws in Internet Explorer, a number of which can be used to gain control of a site visitor's Windows system.

Microsoft, as you might imagine, is investigating the issue...