Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: MSIE: One patched, one pops up again (setslice) SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MSIE: One patched, one pops up again (setslice)
If you remember the month of browser bugs series of exploits back in July, there was a denial of service there that appears to have code execution after all. Coincidence or not, it got publicly released after the out of cycle Microsoft patch for MSIE.

So: No, surfing with MSIE is still not safe.

References

Defenses

  • Use an alternate browser (yeah, we sound like a broken record). But diversity really helps make the bad guys' job harder.
  • Disable ActiveX (take care: windowsupdate needs it, so you need to trust those sites)
  • Set the killbit:
    {844F4806-E8A8-11d2-9652-00C04FC30871}
    [unconfirmed at this point it's the right killbit, so proceed with caution]
  • Keep antivirus signatures up to date.
  • Keep an eye out for a patch from Microsoft.
  • ...
--
Swa Frantzen -- Section 66

Swa

760 Posts

Sign Up for Free or Log In to start participating in the conversation!