Microsoft has announced a vulnerability in all currently-supported versions of Internet Explorer (6 through 8) that could allow the execution of arbitrary code (advisory 2458511). This would likely be leveraged in a drive-by-exploit scenario. They state that DEP (Data Execution Prevention) and Protected Mode are mitigating factors. I'm still collecting more details so this will be updated as more details become available. CVSS Base: pending |
Kevin Liston 292 Posts ISC Handler Nov 3rd 2010 |
Nov 3rd 2010 1 decade ago |
Please don't post links to the exploit code. Thanks.
Kevin Liston 292 Posts ISC Handler |
Nov 4th 2010 1 decade ago |
As we all know, MS offers two "Fix it" tools via http://support.microsoft.com/kb/2458511/en-us
Sadly and oddly enough, Fix it 50556 (the "CSS-Fix it", MicrosoftFixit50556.msi) has an error in the LaunchCondition of the MSI file, which leads to a "This Microsoft Fix it does not apply to your operating system or application version" error message when executing the MSI file on every Windows version you try to install it on, aborting the installation of the contained user-defined CSS file for Internet Explorer. The culprit is the second LaunchCondition, FIXIT_RUN <> "", found in the MSI file. By removing this condition, the installation will continue and work as intended (IE will launch once after the installation has finished). I informed MS about the error yesterday. So far, no reaction. Just in case you don't feel able or willing to fix the issue yourself, I'm offering a fixed version of the MSI file via http://patch-info.de/IE/Downloads/MicrosoftFixit50556.msi
Bye, Freudi |
Anonymous |
Nov 8th 2010 1 decade ago |
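The comment above blames a LaunchCondition row for the failed install; the following is an added example, not code from the thread or from Microsoft, that reads that table from a local MSI copy without installing it and reports the file's Authenticode status, since an edited copy of a signed MSI no longer verifies. The function names and the default path are assumptions; only the file name and the condition text come from the comment.

```powershell
# Added example (not from the thread): read-only inspection of an MSI before running it.
param([string]$Path = '.\MicrosoftFixit50556.msi')   # file name from the thread; location assumed

function Invoke-Com($Object, [string]$Name, [string]$Kind, [object[]]$CallArgs) {
    # Late-bound call: Windows Installer automation objects expose no .NET type info.
    return $Object.GetType().InvokeMember($Name, $Kind, $null, $Object, $CallArgs)
}

function Get-MsiLaunchCondition([string]$MsiPath) {
    $full = (Resolve-Path -LiteralPath $MsiPath).Path
    $installer = New-Object -ComObject WindowsInstaller.Installer
    $db = Invoke-Com $installer 'OpenDatabase' 'InvokeMethod' @($full, 0)   # 0 = open read-only
    try {
        # MSI SQL quotes identifiers with backticks; single quotes keep them literal here.
        $sql  = 'SELECT `Condition`, `Description` FROM `LaunchCondition`'
        $view = Invoke-Com $db 'OpenView' 'InvokeMethod' @($sql)
    } catch {
        return   # the package has no LaunchCondition table
    }
    Invoke-Com $view 'Execute' 'InvokeMethod' $null | Out-Null
    $index = 0
    while ($null -ne ($rec = Invoke-Com $view 'Fetch' 'InvokeMethod' $null)) {
        $index++
        $cond = Invoke-Com $rec 'StringData' 'GetProperty' @(1)
        [pscustomobject]@{
            Row          = $index
            Condition    = $cond
            # True for the condition the comment names: FIXIT_RUN <> ""
            NamedInPost  = (($cond -replace '\s', '') -eq 'FIXIT_RUN<>""')
            Description  = Invoke-Com $rec 'StringData' 'GetProperty' @(2)
        }
    }
    Invoke-Com $view 'Close' 'InvokeMethod' $null | Out-Null
}

function Get-MsiSignatureSummary([string]$MsiPath) {
    $full = (Resolve-Path -LiteralPath $MsiPath).Path
    $sig  = Get-AuthenticodeSignature -FilePath $full
    [pscustomobject]@{
        Status = $sig.Status    # 'Valid' only if the file is unmodified since signing
        Signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '(none)' }
        SHA256 = (Get-FileHash -LiteralPath $full -Algorithm SHA256).Hash
    }
}

Get-MsiLaunchCondition $Path  | Format-Table -AutoSize -Wrap | Out-Host
Get-MsiSignatureSummary $Path | Format-List | Out-Host
```

Running it against both the vendor download and a re-hosted copy shows whether the only difference is the removed row, and whether either file still carries a valid signature.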
IE 0-day in exploit kit...
- http://thompson.blog.avg.com/2010/11/heads-up-0-day-in-an-exploit-kit.html November 07, 2010 - "... CVE-2010-3962* is in the Wild, but over the last couple of days, we've begun detecting it in the Eleonore Exploit Kit. This raises the stakes considerably..." * http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3962 . |
Jack 160 Posts |
Nov 8th 2010 1 decade ago |
Without any feedback and further visible information, MS corrected "Fix it" 50556 on November 11th. They now offer the corrected Fix it via their MSKB article, which is identical to the one I've been offering for download via patch-info.de since November 7th.
Bye, Freudi |
Anonymous |
Nov 11th 2010 1 decade ago |
Well, in the meantime MS deploys the erroneous version of MicrosoftFixit50556.msi once again. Looks like someone is playing bullsh*t Bingo.
Anonymous |
Nov 12th 2010 1 decade ago |