0-days are here again

Jeremy Scott | September 19, 2012

Monday came with reports by security researcher Eric Romang about the discovery of new exploit code on the same server that the recent Java 0-day was found. The exploit has been observed in the wild as well as incorporated into the Metasploit framework.

Microsoft has released a public advisory stating that the vulnerability exists in Internet Explorer 6, 7, 8 and 9. The advisory says that it may lead to remote code execution. Based on the information available and the analysis of the malicious code that has been observed, I conclude that it will lead to remote code execution.

It appears that Microsoft is working on a fix, but until the fix arrives the only available solution is to use an alternate browser.

For additional details about the issue visit Microsoft.

See how Solutionary managed security services based on the patented ActiveGuard® service platform combine security intelligence and expertise to provide visibility, threat detection and event response.

POST A COMMENT

<< All Entries

Solutionary is a leading managed security service provider. The company reduces the information security and compliance burden, providing flexible security services that work the way clients want; enhancing existing initiatives, infrastructure and personnel. This blog is a place to learn about, and discuss, a wide variety of security and compliance topics.

Recent
Categories
Archives

0-days are here again

Thank you for your submission. Our team will be reviewing the submitted post.

POST A COMMENT

LATEST TWEETS