Not what you were looking for? Ask our experts!
Reply
SendOfJive
Posts: 10,783
Kudos: 4,840
Solutions: 779
Registered: ‎02-07-2009

New IE Zero-day Vulnerability Exploit

An exploit for a newly discovered vulnerability in Internet Explorer has been released in the wild.  Visiting a compromised site with IE can cause a computer to become infected without any user action.  Until Microsoft releases a patch, the best way to stay safe is to use a browser other than IE for surfing the web.

 

http://krebsonsecurity.com/2012/09/exploit-released-for-zero-day-in-internet-explorer/

Edjr60
Posts: 1,833
Registered: ‎02-21-2011

Re: New IE Zero-day Vulnerability Exploit

Thanks very much for the heads up SOJ.

 

I'll make sure to stick with this Chrome

browser and be waiting for Microsoft.

 

 

 

Ed

Contributor
Myrdhinn
Posts: 68
Registered: ‎11-18-2008

Re: New IE Zero-day Vulnerability Exploit

[ Edited ]

Just uninstall all java, disable java in IE addons and if you need a site that needs java run firefox with noscript. I'm surprised krebs is only just reporting this, the temp fix has been out for a  week or more  on dslreports, wilders and most good sec forums.

Phishing Phryer
ALF60
Posts: 765
Registered: ‎03-10-2010

Re: New IE Zero-day Vulnerability Exploit

[ Edited ]

IE 6,7,8,9 are affected if you are using IE10 in windows 8 you are not affected

SendOfJive
Posts: 10,783
Kudos: 4,840
Solutions: 779
Registered: ‎02-07-2009

Re: New IE Zero-day Vulnerability Exploit

[ Edited ]

Myrdhinn wrote:

Just uninstall all java, disable java in IE addons and if you need a site that needs java run firefox with noscript. I'm surprised krebs is only just reporting this, the temp fix has been out for a  week or more  on dslreports, wilders and most good sec forums.


I think you are referring to the Java 7 Zero-day that has now been patched, as reported by Brian Krebs on August 30..  The vulnerability making news today is in Internet Explorer and is unrelated to Java - removing Java will not protect you from this one.

 

http://technet.microsoft.com/en-us/security/advisory/2757760

 

Contributor
Myrdhinn
Posts: 68
Registered: ‎11-18-2008

Re: New IE Zero-day Vulnerability Exploit

My bad ... thanks for the correction. geez, how does one keep up with all this? Least I'm safe since IE10 isn't affected... yet.

Bot Obliterator
Quads
Posts: 16,539
Registered: ‎07-21-2008

Re: New IE Zero-day Vulnerability Exploit

I have this Malware

 

Quads

Rootkit Eradicator
elsewhere
Posts: 1,419
Registered: ‎05-30-2009

Re: New IE Zero-day Vulnerability Exploit

Norton products are now detecting the components of this exploit:

 

http://www.symantec.com/connect/blogs/new-internet-explorer-zero-day-vulnerability-exploited-wild

Bot Obliterator
Quads
Posts: 16,539
Registered: ‎07-21-2008
Norton Fighter
Krusty13
Posts: 6,814
Registered: ‎05-31-2011

Re: New IE Zero-day Vulnerability Exploit

Microsoft will release a patch in the next few days.

 

http://www.nbcnews.com/technology/technolog/microsoft-plans-stopgap-patch-ie-hole-1B5984642

 

Dave

W W W  =  Wild Wild West.    Be careful out there!