Microsoft Security Advisory (2887505)

Discussion in 'other security issues & news' started by ronjor, Sep 17, 2013.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,770
    Location:
    Texas
    https://technet.microsoft.com/en-us/security/advisory/2887505
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,770
    Location:
    Texas
    https://blogs.technet.com/b/msrc/ar...ecurity-advisory-2887505.aspx?Redirected=true
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,770
    Location:
    Texas
    http://blogs.technet.com/b/srd/arch...-it-workaround-available.aspx?Redirected=true
     
  4. harsha_mic

    harsha_mic Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    791
    Location:
    India
    So, the sample they worked on was not able to expoit IE10 and IE11.

    Also, I think if IE running under protected mode should be able to mitigate the issue. Isn't it.

    Thanks, Harsha
     
  5. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    4,095
    =
    -------------------------
    =
     
  6. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Fix It applied:

    -http://go.microsoft.com/?linkid=9838025-

    Undo:
    -http://go.microsoft.com/?linkid=9838026-
     
  7. harsha_mic

    harsha_mic Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    791
    Location:
    India
    thanks for confirming :)
     
  8. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    http://www.csoonline.com/article/740657/attacks-multiply-as-hackers-target-unpatched-ie-flaw

    Also refers:
    http://blogs.technet.com/b/srd/archive/2013/09/17/cve-2013-3893-fix-it-workaround-available.aspx

    Poster notes:
    --------------
    For those that have implemented the "Fix It" it is user choice to use the undo option.

    Under all applicable OS a restore point was applied to those to used the Fix It.

    For those that wish to manually remove the Fix It, it is listed in your Add/Remove Programs as: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3893
    Via: http://technet.microsoft.com/en-us/security/advisory/2887505
     
    Last edited: Oct 1, 2013
  9. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,956
    Location:
    U.S.A.
  10. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    I did see that article but it cites a CVE that has not been cited elsewhere. Once we know what MS will be patching next week, it should be more reassuring to those running the exposed IE version.
     
  11. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
Loading...
Thread Status:
Not open for further replies.