Internet Explorer/security: Find out New Internet Explorer zero day being exploited in the wild

September 18, 2012

Internet Explorer/security: Find out New Internet Explorer zero day being exploited in the wild

Since September 16th, 2012 Eric Romang from eromang reported the findings of a new exploit code on the same server that the Java 0day was found some weeks ago. The new vulnerability appears to affect Internet Explorer 7 and 8 and seems to be exploitable at least on Windows XP.

The exploit code found in the server works as follow:

- The file exploit.html creates the initial vector to exploit the vulnerability and loads the flash file Moh2010.swf.

- Moh2010.swf is a flash file encrypted using DoSWF. Labs.alienvault.com has seen the usage of DoSWF in the exploit code of other targeted attacks such as:

- Several Targeted Attacks exploiting Adobe Flash Player (CVE-2012-0779)

Learn morehere!

Search This Blog

The end-to-end Digital Economy across the world |

Internet Explorer/security: Find out New Internet Explorer zero day being exploited in the wild

Comments

Popular Posts

Encompassing Week at WPML, one of the easy ways to build and run multilingual WordPress sites.

Startups of the days with their backers.