Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

CVE-2012-1875 exploit is now available

Published: 2012-06-18
Last Updated: 2012-06-18 23:39:38 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

This CVE-2012-1875 is now actively exploited in "limited attacks" but Microsoft has yet to update its MS12-037 bulletin [1] to clearly indicate that public exploit code is now widely available. This critical Internet Explorer update has a module available in the Metasploit framework.

Users are strongly encouraged to patch this vulnerability before your systems get exploited. Have you seen this vulnerability being exploited in your network? Let us know!

[1] MS12-037 - Critical: Cumulative Security Update for Internet Explorer
http://technet.microsoft.com/en-us/security/bulletin/ms12-037

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

0 comment(s)
ISC StormCast for Monday, June 18th 2012 http://isc.sans.edu/podcastdetail.html?id=2608
Diary Archives