Websense.com / Security Labs / Blogs / Proof-of-Concept (POC) for I.E. zero-day posted.

Blog

Proof-of-Concept (POC) for I.E. zero-day posted.

09.20.2006 - 7:02 AM

SEARCH BLOG

Subscribe to this feed »

September 2006

09/29/2006	Malicious Website / Malicious Code of the Week »
09/24/2006	Web Attacker with VML being setup. »
09/24/2006	Keep an eye on NEWS stories. »
09/22/2006	MOTW: VML Payload Analysis »
09/22/2006	VML Candid Camera »
09/20/2006	Proof-of-Concept (POC) for I.E. zero-day posted. »
09/19/2006	New Internet Explorer Zero-Day being utilized. »
09/16/2006	MOTW: Downloader Analysis »
09/08/2006	MOTW: zCodec Delivers »
09/01/2006	MOTW: VMProtect Analysis »

Archive
+ August 2006
+ July 2006
+ June 2006
+ May 2006
+ April 2006

The recently reported VML Internet Explorer "zero-day" exploit now has attack code publicly posted on the web. Although the first version results in a denial of service and not escalated privileges, we expect to see public posts of exploit code that does allows a user to run code without user-interaction. This may result in increased attacks based on the fact that there are no patches available and often "copy-cat" attacks that simply cut and paste P.O.C. code often occur after public release.

Bookmark This Post:

Post a Comment:

Security Labs

STAY ALERT!

Blog

SEARCH BLOG