
SANS ISC: 0-day vulnerability in Internet Explorer 6, 7 and 8 - Internet Security | DShield SANS ISC InfoSec Forums


0-day vulnerability in Internet Explorer 6, 7 and 8

Microsoft just published an advisory about a critical security vulnerability in all versions of Internet Explorer (apart from 5 – but no one has that around anymore, right?).

While all versions of Internet Explorer are affected, the risk for everyone running Internet Explorer 8 is lower since it has DEP (Data Execution Prevention) enabled by default. DEP makes exploitation of this vulnerability more difficult, so as a temporary workaround you might want to enable it for older IEs (keep in mind that it might break some add-ons).

Microsoft says that so far they only saw exploits against Internet Explorer 6. In a related post (here) McAfee said that this vulnerability was (one of those) used to compromise Google. So, it appears that it was maybe even a cocktail of 0-day exploits used (IE + Adobe).

--
Bojan
INFIGO IS

So if I were a bad guy, I'd post a malware-laden website for Haitian donations, and exploit this latest IE vulnerability... but hey, what are the chances of somebody doing this, hah! Never happen, right?
Anonymous
The exploit is live and in the wild. Here is a video of it being used via Metasploit:

http://praetorianprefect.com/archives/2010/01/the-aurora-ie-exploit-in-action/
Anonymous
Firefox and NoScript more than handle this.
Interestingly enough, both France and Germany have recommended their citizens switch from IE to an alternative browser; it looks like tech guys aren't the only ones expecting a massive fallout over this.
computerfreaker
