Microsoft sees 'huge increase' in IE attacks

Discussion in 'other security issues & news' started by HURST, Dec 15, 2008.

Thread Status:
Not open for further replies.
  1. HURST

    HURST Registered Member


    http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9123398
     
  2. Rmus

    Rmus Exploit Analyst

    Microsoft has elaborated on the various work-around measures for this exploit until a patch is released:

    Clarification on the various workarounds from the recent IE advisory
    http://blogs.technet.com/swi/archiv...-workarounds-from-the-recent-IE-advisory.aspx

    From the computerworld article you cited (thanks!),

    This explains why using IE6, the exploit would not run on sites that I looked at. The code checks for the versions of IE and the Operating system.

    Note, however, that the IE7 exploit has been seen packaged with other exploits that affect IE6, so that an unpatched IE6 would be vulnerable should one encounter a compromised website.

    One of Microsoft's recommendations is to enable DEP (Data Execution Prevention). Another consideration, because the payload is a trojan executable file, those with Software Restriction Policies enabled will prevent the trojan from running.


    OTHER REFERENCES

    0-day exploit for Internet Explorer in the wild
    http://isc.sans.org/diary.html?storyid=5458

    IE7 0day expanded to include IE6 and IE8(beta)
    http://binarycse.com/wordpress/?p=68


    ----
    rich
     
  3. Pedro

    Pedro Registered Member

    Waiting for Patch Tuesday? ..
     
  4. ghodgson

    ghodgson Registered Member

    Another very good reason to ditch IE and go with Firefox or Opera.
     
  5. Kerodo

    Kerodo Registered Member

    They're all the same... they all have vulnerabilities that keep surfacing, then they patch 'em and life goes on...
     