[blog.rayfoo] Infosec, DFIR, tech geekery, thoughts and whatnot

11Mar/100

IE zero-day flaw leaks out; Exploit code published

Using obvious clues from a McAfee blog post, an Israeli hacker was able to pinpoint the latest Internet Explorer zero-day vulnerability and create working exploit code. The exploit code, which provides a clear roadmap to launch drive-by download attacks against IE 6 and IE 7 users, is being fitted into the Metasploit point-and-click tool.

Another case that shows how difficult it is for reasonable and informative disclosure, yet not giving away the attack like this.

On a side note, am looking forward to trying this out from Metasploit... :D

[via ZDNet]

Tagged as: , , No Comments
   

Subscribe

Downloads

Links

Social

Most Active Tags

APT books brute forcing BTPC Christian Christian living CLI data mining data visualization DNS Downloads drama education fun funny hardening HOWTO information gathering Japanese linux log analysis lyrics mathematics network nginx OpenVPN picture programming project Python random RSnake security server administration spam Splunk SSH TED thoughts tools Ubuntu web application web server wifi WordPress

Recent Comments

Recent Posts