DoS Exploit for MS-053



Incidents.org has the story on an “in the wild” exploit for MS-053 vulnerability. The patch is out, so if you haven’t already – go ahead with the patching. The vulnerability is entitled “Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)”. The exploit causes 100% cpu utilitzation on visiting a page with a specially crafted file using Internet Explorer. The “attacking” page could essentially cause a system freeze.


Remember though, the javascript (unpatched) vulnerability of last week was ORIGINALLY marked at a DoS only vuln, last week it was discovered that Remote Code Execution was possible. So, any remote vulnerability should be treated with urgency in patching.

   Send article as PDF   

Similar Posts