DoS Exploit for MS-053



Incidents.org has the story on an “in the wild” exploit for MS-053 vulnerability. The patch is out, so if you haven’t already – go ahead with the patching. The vulnerability is entitled “Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)”. The exploit causes 100% cpu utilitzation on visiting a page with a specially crafted file using Internet Explorer. The “attacking” page could essentially cause a system freeze.


Remember though, the javascript (unpatched) vulnerability of last week was ORIGINALLY marked at a DoS only vuln, last week it was discovered that Remote Code Execution was possible. So, any remote vulnerability should be treated with urgency in patching.

Related Posts

Blog Traffic Exchange Related Posts
  • Exploit for Unpatched Internet Explorer vulnerability Well.... buckle your seatbelts it's going to be a bumpy start to the week. the securityfix as well as incidents.org are reporting on exploit code that has been released that takes advantage of an unpatched Internet Explorer vulnerability. According to the Sans institute diary entry... they have tested the exploit......
  • Update on Internet Explorer Exploit in the wild If you use Internet Explorer to browse the web, I'd suggest finding the instructions to disable active scripting, or drop it and use something else in light of the recent exploit floating around. It seems that in spite of Microsoft's infinite wisdom that "Microsoft has determined that an attacker who......
  • Update on the Internet Explorer VML vulnerability Just catching up on the days VML vulnerability news from today.... It looks as though... the exploit is now MUCH more widespread this blog has some video of an infection, what's notable is that the first take was VERY UNEVENTFUL, it was used to stealthily install a keylogger. (So that......
Blog Traffic Exchange Related Websites
  • Microsoft Security Bulletin Summary for July 2010 MS10-042 - Vulnerability in Help and SupportCenter Could Allow Remote Code Execution (2229593) "This security update resolves a publicly disclosed vulnerability in the Windows Help and Support Center feature that is delivered with supported editions of Windows XP and Windows Server 2003. This vulnerability could allow remote code execution if......
  • What is Patch Tuesday? Excellent explanation of Patch Tuesday by TMI Engineering Patch Tuesday is the second Tuesday of each month, the day on which Microsoft releases security patches. Starting with Windows 98, Microsoft included a "Windows Update" system, that would check for patches to Windows and its components which Microsoft would release intermittently. With......
  • Retirement Planning and Social Security Countdown I received my annual Social Security Statement last month. I have written in the past about how I review my Social Security Statement. Each year this task takes on more significance because now I am only three years from being eligible for retirement benefits, if I were to choose to......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site