Jump to content
TioSam

New Exploit 0day for Internet Explorer 7, 8, 9 on Windows XP, Vista and 7

By TioSam, in Tutoriale in engleza

Recommended Posts

TioSam Newbie

TioSam

Posted
Posted

Critical-0Day-Vulnerability-in-IE8-Beta-2-and-IE7-on-Vista-SP1-and-XP-SP3-2.jpg

A security researcher has found a new 0day vulnerability affecting Internet Explorer, while analyzing a malware page that was being used to exploit vulnerabilities in Java. According to Metasploit team, Internet Explorer 7, 8 and 9 on Windows XP, Vista and 7 are vulnerable to this attack.

Eric Romang has discovered a folder "/public/help" in one of the infected hosts. He found a flash file (. Swf), two html pages (protect.html, exploit.html) and exe file.

moh20100day20120914.png

More Info: Zero-Day Season Is Really Not Over Yet

If we have to exploit this vulnerability module from Metasploit, you need to update it from the following link: https://community.rapid7.com/docs/DOC-1975

The screenshot below shows a successful attack against a machine of Windows 7 with Internet Explorer 9 installed:

Screen+shot+2012-09-17+at+7.59.19+AM.png

It is against Internet Explorer 8 installed:

Screen+shot+2012-09-16+at+5.32.08+PM.png

Here is another example of exploitation in a Windows XP SP3 box, fully patched:

screenshot.png

More Info: https://community.rapid7.com/community/metasploit/blog/2012/09/17/lets-start-the-week-with-a-new-internet-explorer-0-day-in-metasploit

Enjoy!

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...