Not what you were looking for? Ask our experts!
Reply
Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008
Accepted Solution

Vulnerability in Internet Explorer Could Allow Remote-Code Execution

[ Edited ]

Microsoft has Released a Security Advisory and Mitigation for a New Un-Patched Vulnerability affecting Internet Explorer. The Vulnerability stems from an Invalid Pointer Reference within Internet Explorer. Attackers could Exploit the issue Remotely to Execute Arbitrary Code with the Privileges of the User that is Running the Vulnerable Browser.

 

Microsoft Security Advisory (979352):

Vulnerability in Internet Explorer Could Allow Remote Code Execution:

http://www.microsoft.com/technet/security/advisory/979352.mspx.

 

Security Advisory 979352 Released:

http://blogs.technet.com/msrc/archive/2010/01/14/security-advisory-979352.aspx.




 

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008

Re: Vulnerability in Internet Explorer Could Allow Remote-Code Execution

[ Edited ]

On January 14, 2010 , the Metasploit Exploitation Framework added an Exploit for the Bug that would allow an Attacker to gain Control of the System. Availability of this Exploit will increase the chance of In-The-Wild Exploitation of this Issue.

 

Re-Producing the "Aurora" I.E. Exploit:

http://blog.metasploit.com/2010/01/reproducing-aurora-ie-exploit.html.

 

Internet Explorer C.V.E.-2010-0249 Remote Code Execution Vulnerability:

http://www.securityfocus.com/bid/37815.

 


[edit: Fixed posting error.]

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008

Re: Vulnerability in Internet Explorer Could Allow Remote-Code Execution

[ Edited ]

An I.D.S. Signature has just been Released for this Vulnerability; please Run Norton LiveUpdate to get this Signature.  (20100116.002; 20100116.001)

 

 

 

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008

Re: Vulnerability in Internet Explorer Could Allow Remote-Code Execution

Just the other day, news of an exploit used to target a 0-day vulnerability in Internet Explorer (BID 37815) was announced.  According to Microsoft, the vulnerability affects Internet Explorer 6, 7, and 8 which make up a bulk of the versions used today.  Reports, however, have confirmed only Internet Explorer 6 has been targeted so far and the exploit has only been seen in targeted attacks.

 

 

You can read the rest of this Blog here: Protect yourself against Exploit targeting new I.E. 0-Day Vulnerability.

 

 

 

 

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008

Re: Vulnerability in Internet Explorer Could Allow Remote-Code Execution

Microsoft has announced that they will be Releasing an Out-Of-Band Patch to address this issue. The Release Date for the Patch will be announced tomorrow (Wednesday, January 20, 2010).

 

Security Advisory 979352 - Going Out-Of-Band: http://blogs.technet.com/msrc/archive/2010/01/19/security-advisory-979352-going-out-of-band.aspx.

 

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008

Re: Vulnerability in Internet Explorer Could Allow Remote-Code Execution

[ Edited ]

Microsoft has released Patches to address eight Vulnerabilities affecting Internet Explorer on Thursday, January 21, 2010. One of these issues is being Exploited in-the-Wild in Targeted Attacks. Customers are strongly advised to install the Patches as soon as possible.

 

Microsoft Security Bulletin M.S.10-002 - Critical:

Cumulative Security Update for Internet Explorer (978207):

http://www.microsoft.com/technet/security/Bulletin/MS10-002.mspx.

 

 





Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Spyware Scolder
stoneheart
Posts: 107
Registered: ‎10-30-2009

Re: Vulnerability in Internet Explorer Could Allow Remote-Code Execution

Hi Floating_Red,

Thanks for the ALL the information on this subject.I got my PATCHES today,once again a BIG THANKS for keeping us up to date with this issue.

 

Stoneheart:smileyhappy:

XP PRO/ SP3 IE8/Firefox ver:3.6.11/ NIS 2011
Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008

Re: Vulnerability in Internet Explorer Could Allow Remote-Code Execution

Hi, stoneheart,

 

Thank-You for your kind response.  Glad I could be of such service to the Norton Community up-to-date with this issue, and other issues as well.  Once again, thank-you for your Reply in letting me know that the information I provided has been of use to you.

 

 

 

 

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]