Exploit for Unpatched Internet Explorer vulnerability



Well…. buckle your seatbelts it’s going to be a bumpy start to the week.

the securityfix as well as incidents.org are reporting on exploit code that has been released that takes advantage of an unpatched Internet Explorer vulnerability. According to the Sans institute diary entry… they have tested the exploit code and it remotely launched the calculator application, so this is a remote code execution vulnerability and can have SERIOUS consequences.


The exploit is in IE’s javascript, so one way to workaround is to disable javascript in IE. Another way is to use a different browser. No joke. Opera, Mozilla Firefox, or Netscape are all safe alternatives for this exploit. Of course, my favorite is firefox…

It is noted by incidents that future javascript vulnerabilities could be found that affect other browsers such as firefox. As always keep current on updates and it pays to tune into a site such as the securityfix or Incidents.org (sans institute, or here. I cannot guarantee that I’ll be getting things out as fresh as the two above though.

There is currently NO PATCH OR UPDATE for this Explorer vulnerability and it allows remote code execution. So, a malicious website could exploit it to remotely install spyware or adware for instance. If you browse with Internet Explorer right now, you are running a fair risk.

This would be what’s called a 0-day (zero-day) exploit, one that takes advantage of a previously unknown or unpatched vulnerability.

–update 12:03PM EST–

I’m seeing reports of the exploit code causing browser crashes, so it may be that it’s not 100% “effective” at the remote software execution. It still should be considered very serious. Secunia rates it at the highest severity “extremely critical”. It appears that this is a revision of an earlier vulnerability (the earlier vulnerability was reported as a Denial of Service attack vulnerability, this new angle ups the ante to remote code execution.)

–update 7:26PM EST–

The Sans Institute has raised the infocon to Yellow in light of the issue this afternoon. (You may notice the bar on the bottom of these pages. They also have reports that the DoS (Denial of Service ) attack affects Safari on OS X, but haven’t been able to duplicate on either 10.3 or 10.4…

From Microsoft, Windows Server 2003 and Server 2003 SP1 running in Enhanced Security Configuration (their default) are unaffected, at this point all others should be expected to be at risk.

–update 11:54PM EST–

Here’s the link to Microsoft’s advisory.

Related Posts

Blog Traffic Exchange Related Posts
  • Firefox vulnerabilities and 1.5 Release Candidate I know there's been at least one and probably a couple of Mozilla Firefox vulnerabilities announced in the last month or so. There are currently (according to Secunia) 3 unpatched Firefox vulnerabilities. The secunia page for firefox has the details. There are two vulnerabilites for which there is a workaround......
  • WMF exploit situation summary... Since there's been quite a bit of flux the last couple of days I thought I'd try to "reset" the situation and give a general overview of where we stand now with regards to the recent WMF zero-day exploit. 1st there is a vulnerability in the way Windows renders WMF......
  • DoS Exploit for MS-053 Incidents.org has the story on an "in the wild" exploit for MS-053 vulnerability. The patch is out, so if you haven't already - go ahead with the patching. The vulnerability is entitled "Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)". The exploit causes 100% cpu utilitzation on visiting......
Blog Traffic Exchange Related Websites
  • Covering External Stories - Good or Bad? No two blogs are created equally, and for that reason, corporate blogs all touch on different subjects and different stories. Some people who write in corporate blogs wonder if covering external stories is a good idea or a bad idea. Some people shy away from the idea simply because they......
  • Microsoft Warns of SQL Attack SQL stands for Structured Query Language. SQL Attack is kind of Hacking attack. Just days after patching a critical flaw in its Internet Explorer browser, Microsoft is now warning users of a serious bug in its SQL Server database software. Microsoft issued a security advisory late Monday, saying that the......
  • Microsoft Security Bulletin MS10-046 - Critical Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198) Published: August 02, 2010¬†|¬†Updated: August 03, 2010 Version: 1.1 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site