Exploit for Unpatched Internet Explorer vulnerability



Well…. buckle your seatbelts it’s going to be a bumpy start to the week.

the securityfix as well as incidents.org are reporting on exploit code that has been released that takes advantage of an unpatched Internet Explorer vulnerability. According to the Sans institute diary entry… they have tested the exploit code and it remotely launched the calculator application, so this is a remote code execution vulnerability and can have SERIOUS consequences.


The exploit is in IE’s javascript, so one way to workaround is to disable javascript in IE. Another way is to use a different browser. No joke. Opera, Mozilla Firefox, or Netscape are all safe alternatives for this exploit. Of course, my favorite is firefox…

It is noted by incidents that future javascript vulnerabilities could be found that affect other browsers such as firefox. As always keep current on updates and it pays to tune into a site such as the securityfix or Incidents.org (sans institute, or here. I cannot guarantee that I’ll be getting things out as fresh as the two above though.

There is currently NO PATCH OR UPDATE for this Explorer vulnerability and it allows remote code execution. So, a malicious website could exploit it to remotely install spyware or adware for instance. If you browse with Internet Explorer right now, you are running a fair risk.

This would be what’s called a 0-day (zero-day) exploit, one that takes advantage of a previously unknown or unpatched vulnerability.

–update 12:03PM EST–

I’m seeing reports of the exploit code causing browser crashes, so it may be that it’s not 100% “effective” at the remote software execution. It still should be considered very serious. Secunia rates it at the highest severity “extremely critical”. It appears that this is a revision of an earlier vulnerability (the earlier vulnerability was reported as a Denial of Service attack vulnerability, this new angle ups the ante to remote code execution.)

–update 7:26PM EST–

The Sans Institute has raised the infocon to Yellow in light of the issue this afternoon. (You may notice the bar on the bottom of these pages. They also have reports that the DoS (Denial of Service ) attack affects Safari on OS X, but haven’t been able to duplicate on either 10.3 or 10.4…

From Microsoft, Windows Server 2003 and Server 2003 SP1 running in Enhanced Security Configuration (their default) are unaffected, at this point all others should be expected to be at risk.

–update 11:54PM EST–

Here’s the link to Microsoft’s advisory.

Related Posts

Blog Traffic Exchange Related Posts
  • Firefox zero-day vulnerability (or is it?) I saw a comment somewhere else that zero-day was overused and in essense ANY previously unknown vulnerability in open source software is technically zero day... the intent here though is to use the word in this context.... "vulnerability has been released without giving the vendor an opportunity to patch..." Yes,......
  • 3 Critical Microsoft Updates, 1 Important, 1 Moderate and 1 re-released Looks like an interesting patch day. Looks like there are several bugs covered by the cumulative IE patch... Sans has a good writeup (7 CVE issues addressed by this 1 patch....) Also the Eolas ActiveX settlement ("Eolas Patent Patch") solution seems to be included in this bundle. Also a MDAC......
  • Microsoft December 2005 Security updates Sans has the tip that information on the critical Windows updates expected tomorrow from Microsoft has started to be released. MS 05-54: Cumulative Security Update for Internet Explorer This will hopefully patch the javascript issues... MS 05-55: Vulnerability in Windows Kernel Could Allow Elevation of Privilege. More later in the......
Blog Traffic Exchange Related Websites
  • Adobe confirms PDF zero-day, plans rush patch By Gregg Keizer | Computerworld |┬áInfoWorld Adobe today said it would issue an emergency patch the week of Aug. 16 to fix a critical flaw in its Reader and Acrobat software. The bug was disclosed by researcher Charlie Miller at last month's Black Hat security conference when he demonstrated how......
  • 8 Step Recipe for Good Corporate Blogging Regardless of whether you already have a corporate blog, or if you are planning on starting one, if you want to turn your blog into a successful endeavor for your business, you need to have a recipe for success. Blogs that work well at attracting new clients and readers have......
  • Microsoft Warns of SQL Attack SQL stands for Structured Query Language. SQL Attack is kind of Hacking attack. Just days after patching a critical flaw in its Internet Explorer browser, Microsoft is now warning users of a serious bug in its SQL Server database software. Microsoft issued a security advisory late Monday, saying that the......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site