1 edit | IE Zero-Day i appreciate the interesting articles that others have posted in the forum and i have been thinking that i myself should try to contribute, so.. note that, according to "microsoft", only IE 6 - IE 8 are affected.. IE 9 and IE 10 are not affected.. also, the exploit relies on "flash player".. » krebsonsecurity.com/2012/12/atta···ay-flaw/"Attackers Target Internet Explorer Zero-Day Flaw" Attackers are breaking into Microsoft Windows computers using a newly discovered vulnerability in Internet Explorer, security experts warn. While the flaw appears to have been used mainly in targeted attacks so far, this vulnerability could become more widely exploited if incorporated into commercial crimeware kits sold in the underground. IEwarningIn a blog posting Friday evening, Milpitas, Calif. based security vendor FireEye said it found that the Web site for the Council on Foreign Relations was compromised and rigged to exploit a previously undocumented flaw in IE8 to install malicious software on vulnerable PCs used to browse the site. According to FireEye, the attack uses Adobe Flash to exploit a vulnerability in the latest (fully-patched) version of IE8. Dustin Childs, group manager for response communications at Microsoft, said the vulnerability appears to exist in previous versions of IE. “We are actively investigating reports of a small, targeted issue affecting Internet Explorer 6-8,” Childs said in an emailed statement. “We will take appropriate action to help keep customers protected once our analysis is complete. People using Internet Explorer 9-10 are not impacted.” As FireEye notes, this is another example of a “watering hole” attack, which involves the targeted compromise of legitimate websites thought to be of interest to or frequented by end users who belong to organizations that attackers wish to infiltrate. Earlier this year, I wrote about similar zero-day attacks against visitors to the Web sites of the National Democratic Institute, The Carter Center, and Radio Free Europe. related: » blog.fireeye.com/research/2012/1···ils.html |
|
|
|
 DustynPremium
join:2003-02-26
Ontario, CAN
kudos:10 | said by Dustin Childs :“We are actively investigating reports of a small, targeted issue affecting Internet Explorer 6-8,” Childs said in an emailed statement. Who the hell cares if IE6 is vulnerable?
Microsoft has to stop patching IE6 or people will continue to use it.
»www.ie6countdown.com/
--
Remember that cool hidden "Graffiti Wall" here on BBR? After the name change I became the "owner", so to speak as it became: Dustyn's Wall »[Serious] RIP
|
|
 La LunaSurvived AshrafulPremium
join:2001-07-12
Warwick, NY
kudos:3 | said by Dustyn:Who the hell cares if IE6 is vulnerable?
Microsoft has to stop patching IE6 or people will continue to use it.
»www.ie6countdown.com/
^^^ This. Why anyone would use such an old, outdated, insecure browser is beyond me. I'd like to say they deserve whatever happens, but that would be mean. 
--
The Alien in the White House
20,085 DEADLY TERROR ATTACKS SINCE 9/11 |
|
 StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2
 ·CenturyLink
| reply to Dustyn
said by Dustyn:Who the hell cares if IE6 is vulnerable?
Dude111  ? 
I rather like using IE 3.01 on my Windows 3.1 system
--
Don't feed trolls--it only makes them grow! |
|
| reply to redwolfe_98
Microsoft Research & Defense: New vulnerability affecting Internet Explorer 8 users quote:
In this particular vulnerability, IE attempts to reference and use an object that had previously been freed. The components of an exploit for such a vulnerability are typically the following:
• Javascript to trigger the Internet Explorer vulnerability
• Heap spray or similar memory preparation to ensure the memory being accessed after it has been freed is useful
• A way around the ASLR platform-level mitigation
• A way around the DEP platform-level mitigation
Internet Explorer 9 or 10 do not include the vulnerable code. And the IE team is working around the clock to develop a security update to address this vulnerability for earlier versions of the product. ...read full article
Microsoft Security Advisory (2794220)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
»technet.microsoft.com/en-us/secu···/2794220 |
|
StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 Reviews:
·CenturyLink
| quote:
Another alternative - one likely to have less impact on your browsing experience - is to install EMET and enable it to protect Internet Explorer.
Already doing that 
--
Don't feed trolls--it only makes them grow! |
|
 siljalineI'm lovin' that double widePremium
join:2002-10-12
Montreal, QC
kudos:17 | reply to redwolfe_98
Also see:
»blogs.technet.com/b/srd/archive/···ers.aspx
Hat Tip to Wilders |
|
StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 Reviews:
·CenturyLink
| That's the same link that chachazz posted
(Look in the "quoted" part)
--
Don't feed trolls--it only makes them grow! |
|
siljalineI'm lovin' that double widePremium
join:2002-10-12
Montreal, QC
kudos:17 | Noted |
|
StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 | Well I only know 'cause I clicked on both, That's where I got my quote from.
--
Don't feed trolls--it only makes them grow! |
|
siljalineI'm lovin' that double widePremium
join:2002-10-12
Montreal, QC
kudos:17 | Some slight duplication of effort never hurt anybody. Better than no information • voila |
|
 trparkyApple... YUMPremium,MVM
join:2000-05-24
Cleveland, OH
kudos:2
 ·Time Warner Cable
| Not to sound like an idiot, but wouldn't referencing an object after it's been removed or freed up (made null) cause a Null Reference Exception? I know that that happens when I try to access Object variables when I've not set it to something with "New Object()".
This happens in VB.NET, C#, and even Java.
--
Tom
Boycott AT&T uVerse! | Tom's Android Blog | AOKP (The Android Open Kang Project) |
|
DustynPremium
join:2003-02-26
Ontario, CAN
kudos:10 | reply to StuartMW
said by StuartMW: quote:
Another alternative - one likely to have less impact on your browsing experience - is to install EMET and enable it to protect Internet Explorer.
Already doing that Just started yesterday too.
--
Remember that cool hidden "Graffiti Wall" here on BBR? After the name change I became the "owner", so to speak as it became: Dustyn's Wall »[Serious] RIP
|
|
TheMGPremium
join:2007-09-04
Canada
kudos:2 | reply to La Luna
said by La Luna:^^^ This. Why anyone would use such an old, outdated, insecure browser is beyond me. I'd like to say they deserve whatever happens, but that would be mean.
Companies that are too cheap to spend the money required to re-code or update the "broken" web applications they are using.
Yes, the company I work for still uses IE6. Several of the intranet web apps don't work properly on any other browser.
Is that a valid reason to still be using IE6? IMHO, it is not. They've had plenty of time and money to upgrade their web applications, instead they waste the budget elsewhere on less important things. |
|
StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 Reviews:
·CenturyLink
| reply to Dustyn
said by Dustyn:Just started yesterday too.
Excellent! That makes 3 of us now
--
Don't feed trolls--it only makes them grow! |
|
 therube
join:2004-11-11
Randallstown, MD | reply to Dustyn
> Who the hell cares if IE6 is vulnerable?
Says IE6 - IE8.
(Guess IE5 & earlier no longer count .)
> Microsoft has to stop patching IE6 or people will continue to use it.
And aren't XP users limited to (at most) IE8 (or another browser entirely)? |
|
StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 Reviews:
·CenturyLink
| said by therube:And aren't XP users limited to (at most) IE8 (or another browser entirely)?
Yup.
Win2K users can't run anything higher than IE6. I use Firefox v12.0 (the last to run on Win2K) on the rare occasions I browse on that box.
IE 3.01 was the last to run on Win 3.1 and WfWG 3.11 (16-bit OS'es) Netscape lasted until 4.x from memory.
--
Don't feed trolls--it only makes them grow! |
|
therube
join:2004-11-11
Randallstown, MD | reply to redwolfe_98
Microsoft Confirms IE Flaw, Releases Workaround
"Here are Microsoft’s recommendations for those still using Internet Explorer 8 or older:
• Set Internet and local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones
• Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and local intranet security zones
• Deploy the Enhanced Mitigation Experience Toolkit (EMET) ..."
(Wonder how usable the browser will be with the first two suggestions implemented .) |
|
StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 Reviews:
·CenturyLink
| Um...
» Re: IE Zero-Day
--
Don't feed trolls--it only makes them grow! |
|
| reply to Dustyn
said by Dustyn:said by Dustin Childs :“We are actively investigating reports of a small, targeted issue affecting Internet Explorer 6-8,” Childs said in an emailed statement. Who the hell cares if IE6 is vulnerable? Microsoft has to stop patching IE6 or people will continue to use it. » www.ie6countdown.com/ I still use ie 5 and extremely happy. |
|
