X-Mas time zero day Exploits
Date: 1/15/2011 3:57 pm
Rating: 2 Rate [ | ]
Last Updated: 2010-12-23 13:00:34 UTC
by Mark Hofman (Version: 1)
Ok, fess up who asked for an IE 0 day for Christmas? I'm guessing Santa got his lumps of coal mixed up with a bag of exploits.
This exploit has been discussed over the last day or so on full disclosure and a number of other sites. Metasploit already has a module available for it (just search for CSS & IE). Microsoft has put out an advisory 2488013 regarding the issue ( http://www.microsoft.com/technet/security/advisory/2488013.mspx). The issue manifests itself when a specially crafted web page is used and could result in remote code execution on the client.
Microsoft suggests using Enhanced Mitigation Experience Toolkit (EMET) to help address the issue. Details on that and a little bit more on the exploit can be found here http://blogs.technet.com/b/srd/archive/2010/12/22/new-internet-explorer-vulnerability-affecting-all-versions-of-ie.aspx
According to the advisory it is not actively being exploited ....yet
If you see it being exploited, drop us a line.