Threat Level: green Handler on Duty: Russ McRee

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

MSIE: One patched, one pops up again (setslice)

Published: 2006-09-28
Last Updated: 2006-09-28 22:58:47 UTC
by Swa Frantzen (Version: 5)
0 comment(s)

If you remember the month of browser bugs series of exploits back in July, there was a denial of service there that appears to have code execution after all. Coincidence or not, it got publicly released after the out of cycle Microsoft patch for MSIE.

So: No, surfing with MSIE is still not safe.

References

Defenses

  • Use an alternate browser (yeah, we sound like a broken record). But diversity really helps make the bad guys' job harder.
  • Disable ActiveX (take care: windowsupdate needs it, so you need to trust those sites)
  • Set the killbits:
    {844F4806-E8A8-11d2-9652-00C04FC30871} and {E5DF9D10-3B52-11D1-83E8-00A0C90DC849}
  • Keep antivirus signatures up to date.
  • Keep an eye out for a patch from Microsoft.
  • ...

--
Swa Frantzen -- Section 66


0 comment(s)
Diary Archives