Blog: Zero-Day Internet Explorer Exploit Published

A new exploit targeting Internet Explorer was published to the BugTraq mailing list yesterday [Friday, November 20, 2009]. Symantec has conducted further tests and confirmed that it affects Internet Explorer versions 6 and 7 as well. The exploit currently exhibits signs of poor reliability, but we expect that a fully-functional reliable exploit will be available in the near future.  When this happens, attackers will have the ability to insert the exploit into Web sites, infecting potential visitors.  For an attacker to launch a successful attack, they must lure victims to their malicious Web page or a Web site they have compromised. In both cases, the attack requires JavaScript to exploit Internet Explorer.

 

 

You can read the rest of this Blog here: Zero-Day Internet Explorer Exploit Published.