Internet Explorer/security: Find out New Internet Explorer zero day being exploited in the wild


 Since September 16th, 2012 Eric Romang from eromang reported the findings of a new exploit code on the same server that the Java 0day was found some weeks ago. The new vulnerability appears to affect Internet Explorer 7 and 8 and seems to be exploitable at least on Windows XP.
The exploit code found in the server works as follow:

- The file exploit.html creates the initial vector to exploit the vulnerability and loads the flash file Moh2010.swf.
- Moh2010.swf is a flash file encrypted using DoSWF. Labs.alienvault.com has seen the usage of DoSWF in the exploit code of other targeted attacks such as:

Comments

Popular Posts