|
Title: New zero-day exploit for Internet Explorer 7, 8, and 9 on Windows XP, Vista & 7 Post by: SecurityMonkey on September 17, 2012, 05:48:39 PM Good blog about the new zero-day in IE......
https://community.rapid7.com/community/metasploit/blog/2012/09/17/lets-start-the-week-with-a-new-internet-explorer-0-day-in-metasploit And this is good as well... nice write up on the findings of an infected server: http://eromang.zataz.com/2012/09/16/zero-day-season-is-really-not-over-yet/ Title: Re: New zero-day exploit for Internet Explorer 7, 8, and 9 on Windows XP, Vista Post by: Cyber.spirit on September 18, 2012, 12:31:22 AM on windows xp or vista? You mean windows server 2003-2008 and windows seven is not vulnerable?
Title: Re: New zero-day exploit for Internet Explorer 7, 8, and 9 on Windows XP, Vista Post by: SecurityMonkey on September 18, 2012, 12:36:36 AM on windows xp or vista? You mean windows server 2003-2008 and windows seven is not vulnerable? If you check out the blog post at the bottom is the link to the MS Advisory... but just in case you don't want to click that link here's another : http://technet.microsoft.com/en-us/security/advisory/2757760 The reason it wasn't in the subject was the title was too long... all fixed now. Title: Re: New zero-day exploit for Internet Explorer 7, 8, and 9 on Windows XP, Vista Post by: Cyber.spirit on September 18, 2012, 12:43:40 AM thank u always technet is better! Atleast its famous!
Title: Re: New zero-day exploit for Internet Explorer 7, 8, and 9 on Windows XP, Vista & 7 Post by: SecurityMonkey on September 18, 2012, 12:46:51 AM Not a problem...
Keep in mind that famous isn't always good... Ankit Fadia is famous in the IT Security world but he is FAR from good!!! Sometime its the unknowns that come up with the best information. Title: Re: New zero-day exploit for Internet Explorer 7, 8, and 9 on Windows XP, Vista & 7 Post by: Jamie.R on September 18, 2012, 03:09:22 AM IS there a fix for this yet ?
Title: Re: New zero-day exploit for Internet Explorer 7, 8, and 9 on Windows XP, Vista & 7 Post by: SecurityMonkey on September 18, 2012, 03:17:43 AM IS there a fix for this yet ? Nope.... just workarounds such as deploying the Enhanced Mitigation Experience Toolkit.... or upgrading IE to Firefox or Chrome... Title: Re: New zero-day exploit for Internet Explorer 7, 8, and 9 on Windows XP, Vista & 7 Post by: m0wgli on September 19, 2012, 02:00:07 AM From the Microsoft Security response Center:
Quote We will release a Fix it in the next few days to address an issue in Internet Explorer, as outlined in the Security Advisory 2757760 that we released yesterday. http://blogs.technet.com/b/msrc/archive/2012/09/18/additional-information-about-internet-explorer-and-security-advisory-2757760.aspx Quote The Fix it is an easy-to-use, one-click, full-strength solution any Internet Explorer user can install. It will not affect your ability to browse the Web, and it will provide full protection against this issue until an update is available. Title: Re: New zero-day exploit for Internet Explorer 7, 8, and 9 on Windows XP, Vista & 7 Post by: Jamie.R on September 19, 2012, 03:38:16 AM Thanks for the information.
Title: Re: New zero-day exploit for Internet Explorer 7, 8, and 9 on Windows XP, Vista & 7 Post by: m0wgli on September 20, 2012, 02:02:57 PM Microsoft should be releasing an "out-of-band" patch for this tomorrow.
Quote Microsoft will release the emergency update at approximately 1 p.m. ET Friday via the Microsoft Update and Windows Update services, as well as through WSUS (Windows Server Update Services), the de facto corporate patch deployment tool. Source: http://www.computerworld.com/s/article/9231478/Microsoft_Patch_for_critical_IE_zero_day_bug_coming_Friday?taxonomyId=85 Title: Re: New zero-day exploit for Internet Explorer 7, 8, and 9 on Windows XP, Vista & 7 Post by: Jamie.R on September 24, 2012, 04:08:12 AM Does anyone know if a patch been released yet I know there was a temp fix but also heard that it didn't always fix the problem.
Title: Re: New zero-day exploit for Internet Explorer 7, 8, and 9 on Windows XP, Vista & 7 Post by: UNIX on September 24, 2012, 04:11:34 AM See Microsoft Security Bulletin MS12-063 (http://technet.microsoft.com/en-us/security/bulletin/ms12-063).
Title: Re: New zero-day exploit for Internet Explorer 7, 8, and 9 on Windows XP, Vista & 7 Post by: Jamie.R on September 25, 2012, 03:46:24 AM Thanks for the links
Powered by SMF 1.1.18 |
SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com |