Internet Explorer
IEPeers – A New Internet Explorer Zero Day Vulnerability
We posted an aside yesterday referencing Microsoft’s recent blog post for new security advisory 981374 referencing a new zero day vulnerability in Internet Explorer versions 6 and 7. New details have emerged since, and the exploit has moved from being what was described as part of “limited targeted attacks” to being widely accessible and available as a new module for the Metasploit framework.
Press F1 for Help, pwned.
Microsoft published security advisory 981169 yesterday in response to the zero day vulnerability reported a few days prior. The vulnerability is in the help system and can be triggered by luring an Internet Explorer user into pressing the F1 key. Windows 2000, Windows XP SP2 & SP3, and Windows 2003 SP2 with Internet Explorer 7 [...]
The “Aurora” IE Exploit Used Against Google in Action
The big news hit earlier this week, the attack vector that allowed bad actors presumably from China into the networks of Google, Juniper, Adobe, and some 30 other firms was an Internet Explorer zero day, a use after free vulnerability on an invalid pointer reference affecting IE 6, 7, and 8 but only used in IE 6 according to Microsoft. Per Microsoft’s Advisory 979352: “In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.. Earlier today this entry from yesterday at Wepawet (an online analysis engine for malware) was pointed out to H.D. Moore, and within hours Metasploit has an exploit of the vulnerability integrated. McAfee has confirmed that the exploit is out and the same one they saw during the investigation. The video below demonstrates how crackers gained access to the corporate networks of Google, et al. using this zero day attack.
Six Bulletins in Last Patch Tuesday of 2009
Today marks the last Microsoft patch Tuesday of 2009, and Microsoft has released patches to six bulletins:
MS09-071 – Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution (974318) MS09-074 – Vulnerability in Microsoft Office Project Could Allow Remote Code Execution (967183) MS09-072 – Cumulative Security Update for Internet Explorer (976325) MS09-069 – Vulnerability in Local [...]
Microsoft Video ActiveX Control Vulnerability
Microsoft is recommending setting the kill bit for an ActiveX control object, MPEG2TuneRequest, to avoid an in the wild zero day exploit that allows for remote code execution when a web site containing the exploit is browsed by a user with Internet Explorer.
Categories
- Access Control
- Administration
- Botnet
- Censorship
- Certification
- Content Filtering
- Cross Site Scripting
- Cyberwar
- Data Breach
- data leak prevention
- Disaster Recovery
- enumeration
- Forensics
- funny
- homeland security
- Incident Response
- Industry News
- Intrusion Detection
- Law
- Malware
- Networking
- Patch Management
- Phishing
- Physical Security
- Remote Exploit
- scareware
- Security
- Security Policy
- Social Networking
- SQL Injection
- Stay Safe Online
- Technology in Society
- Tools
- Uncategorized
- Vulnerability
- Web Site Defacement
- windows
Recent Comments