Exploit for Unpatched Internet Explorer vulnerability



Well…. buckle your seatbelts it’s going to be a bumpy start to the week.

the securityfix as well as incidents.org are reporting on exploit code that has been released that takes advantage of an unpatched Internet Explorer vulnerability. According to the Sans institute diary entry… they have tested the exploit code and it remotely launched the calculator application, so this is a remote code execution vulnerability and can have SERIOUS consequences.


The exploit is in IE’s javascript, so one way to workaround is to disable javascript in IE. Another way is to use a different browser. No joke. Opera, Mozilla Firefox, or Netscape are all safe alternatives for this exploit. Of course, my favorite is firefox…

It is noted by incidents that future javascript vulnerabilities could be found that affect other browsers such as firefox. As always keep current on updates and it pays to tune into a site such as the securityfix or Incidents.org (sans institute, or here. I cannot guarantee that I’ll be getting things out as fresh as the two above though.

There is currently NO PATCH OR UPDATE for this Explorer vulnerability and it allows remote code execution. So, a malicious website could exploit it to remotely install spyware or adware for instance. If you browse with Internet Explorer right now, you are running a fair risk.

This would be what’s called a 0-day (zero-day) exploit, one that takes advantage of a previously unknown or unpatched vulnerability.

–update 12:03PM EST–

I’m seeing reports of the exploit code causing browser crashes, so it may be that it’s not 100% “effective” at the remote software execution. It still should be considered very serious. Secunia rates it at the highest severity “extremely critical”. It appears that this is a revision of an earlier vulnerability (the earlier vulnerability was reported as a Denial of Service attack vulnerability, this new angle ups the ante to remote code execution.)

–update 7:26PM EST–

The Sans Institute has raised the infocon to Yellow in light of the issue this afternoon. (You may notice the bar on the bottom of these pages. They also have reports that the DoS (Denial of Service ) attack affects Safari on OS X, but haven’t been able to duplicate on either 10.3 or 10.4…

From Microsoft, Windows Server 2003 and Server 2003 SP1 running in Enhanced Security Configuration (their default) are unaffected, at this point all others should be expected to be at risk.

–update 11:54PM EST–

Here’s the link to Microsoft’s advisory.

Related Posts

Blog Traffic Exchange Related Posts
  • More WMF problems for Windows I can't really say I'm surprised, after the big WMF vulnerability of the last couple weeks, I suspected we'd see closer scrutiny of other WMF "vectors".... but..... The SecurityFix is one of the outlets, that have been reporting on another WMF vulnerability. According to the analysis so far, it can......
  • Firefox zero-day vulnerability (or is it?) I saw a comment somewhere else that zero-day was overused and in essense ANY previously unknown vulnerability in open source software is technically zero day... the intent here though is to use the word in this context.... "vulnerability has been released without giving the vendor an opportunity to patch..." Yes,......
  • Microsoft touts Windows vista restart manager Okay - here we go.... Microsoft is talking about a new feature of Vista that allows you to ... update parts of the operating system or applications without having to reboot the entire machine. Another angle at OSnews.com. If that works as advertised that's great. Update something related to networking,......
Blog Traffic Exchange Related Websites
  • Microsoft Warns of SQL Attack SQL stands for Structured Query Language. SQL Attack is kind of Hacking attack. Just days after patching a critical flaw in its Internet Explorer browser, Microsoft is now warning users of a serious bug in its SQL Server database software. Microsoft issued a security advisory late Monday, saying that the......
  • New threat: Hackers look to take over power plants LOLITA C. BALDOR, Associated Press Writer WASHINGTON — Computer hackers have begun targeting power plants and other critical operations around the world in bold new efforts to seize control of them, setting off a scramble to shore up aging, vulnerable systems. Cyber criminals have long tried, at times successfully, to......
  • Internet Explorer 8 blocks a billion malware downloads James Pratt, Microsoft’s Product Manager stated in a blog post , “The SmartScreen team just informed me that we’ve reached an amazing milestone – Internet Explorer 8 has blocked 1 billion attempts to download malware!” The SmartScreen Filter evaluates URLs and their associated servers. If the software recognizes a server......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site