• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Kudos2 Stats

Microsoft Internet Explorer Unpatched Vulnerability is Here… Norton Users Never Fear!

Normal 0 false false false EN-US X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} Normal 0 false false false EN-US X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

Microsoft Internet Explorer Unpatched Vulnerability is Here… Norton Users Never Fear!

You might have heard a few things about a vulnerability in Microsoft Internet Explorer this week.  This is otherwise known as a “zero day” because it was found and hasn’t been patched by Microsoft at the time of discovery.  You can read more about the actual vulnerability here in the Microsoft Security Advisory for CVE-2008-0015.  This bug in Internet Explorer can lead to users having malware installed on your system silently just by visiting any Web site that might be hosting malicious code designed to take advantage of this vulnerability.  I have blogged about Drive-by Downloads, infections users get from just visiting any Web site, here and here.  Users running Windows XP SP2 or SP3 and Internet Explorer 6 or 7 are susceptible to possible drive-by download attacks exploiting this vulnerability.  

Norton users never fear!  The good news is that Norton users were proactively protected against this vulnerability with our Browser Protection and Intrusion Prevention capability, regardless of the fact that no fix was available from Microsoft. On Tuesday, July 7th, we released security updates to Norton customers that will protect users against any exploitation of the underlying vulnerability.  This is an additional layer of protection on top of the virus protection we already delivered.  This is also one of those reasons why Norton users are more protected than with some other competitive products or free solutions that may only provide reactive antivirus protection once exploits are known.  

For more information on Web based attacks like Drive-by Downloads, look at our Web Based Attacks Whitepaper.  

Message Edited by John_Harrison on 07-09-2009 05:05 PM

Comments

Kudos0
Good information for users to have - good post!!
We look forward to the time when the Power of Love will replace the Love of Power. Then will our world know the blessings of peace. ~William Ewart Gladstone
Kudos0

Hi, John,

Great Blog, to inform Users of the Signatures that were Added who were un-aware of this! 

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0
Normal 0 false false false EN-US X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} Normal 0 false false false EN-US X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

Microsoft Internet Explorer Unpatched Vulnerability is Here… Norton Users Never Fear!

You might have heard a few things about a vulnerability in Microsoft Internet Explorer this week.  This is otherwise known as a “zero day” because it was found and hasn’t been patched by Microsoft at the time of discovery.  You can read more about the actual vulnerability here in the Microsoft Security Advisory for CVE-2008-0015.  This bug in Internet Explorer can lead to users having malware installed on your system silently just by visiting any Web site that might be hosting malicious code designed to take advantage of this vulnerability.  I have blogged about Drive-by Downloads, infections users get from just visiting any Web site, here and here.  Users running Windows XP SP2 or SP3 and Internet Explorer 6 or 7 are susceptible to possible drive-by download attacks exploiting this vulnerability.  

Norton users never fear!  The good news is that Norton users were proactively protected against this vulnerability with our Browser Protection and Intrusion Prevention capability, regardless of the fact that no fix was available from Microsoft. On Tuesday, July 7th, we released security updates to Norton customers that will protect users against any exploitation of the underlying vulnerability.  This is an additional layer of protection on top of the virus protection we already delivered.  This is also one of those reasons why Norton users are more protected than with some other competitive products or free solutions that may only provide reactive antivirus protection once exploits are known.  

For more information on Web based attacks like Drive-by Downloads, look at our Web Based Attacks Whitepaper.  

Message Edited by John_Harrison on 07-09-2009 05:05 PM
Kudos0
This has now been Patched.
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0
Great job!! I like your blog!!
Glad 2 know and see you