Malware Domain List

Malware Related => Tools of the trade / Internet News => Topic started by: SysAdMini on December 10, 2008, 07:27:13 am

Title: IE7 0day exploit
Post by: SysAdMini on December 10, 2008, 07:27:13 am
http://www.avertlabs.com/research/blog/index.php/2008/12/09/yet-another-unpatched-drive-by-exploit-found-on-the-web/ (http://www.avertlabs.com/research/blog/index.php/2008/12/09/yet-another-unpatched-drive-by-exploit-found-on-the-web/)
http://www.theregister.co.uk/2008/12/09/zero_day_ie_flaw_exploited/ (http://www.theregister.co.uk/2008/12/09/zero_day_ie_flaw_exploited/)
http://isc.sans.org/diary.html?storyid=5458 (http://isc.sans.org/diary.html?storyid=5458)
http://safelab.spaces.live.com/blog/cns!A6B213403DBD59AF!780.entry (http://safelab.spaces.live.com/blog/cns!A6B213403DBD59AF!780.entry)
http://www.breakingpointsystems.com/community/blog/patch-tuesdays-and-drive-by-sundays (http://www.breakingpointsystems.com/community/blog/patch-tuesdays-and-drive-by-sundays)
Title: Re: IE7 0day exploit
Post by: Kayrac on December 10, 2008, 10:00:18 am
this was patched from this patch tuesday, correct?
Title: Re: IE7 0day exploit
Post by: SysAdMini on December 10, 2008, 10:11:39 am
this was patched from this patch tuesday, correct?

No, it's not patched.

http://isc.sans.org/diary.html?storyid=5458
Quote
This is a brand new exploit that is *not* patched with MS08-073 that was released yesterday.
Title: Re: IE7 0day exploit
Post by: Kayrac on December 10, 2008, 04:29:49 pm
oh, bad news
Title: Re: IE7 0day exploit
Post by: SysAdMini on December 11, 2008, 12:31:46 am
IE7 0-Day Exploit Sites
http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20081210 (http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20081210)