Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43423
  • Total Topics: 16520
  • Online today: 2590
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 1
Guests: 2589
Total: 2590









Post reply

Name:
Email:
Subject:
Message icon:

Verification:
Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

shortcuts: hit alt+s to submit/post or alt+p to preview


Topic Summary

Posted by: Samker
« on: 13. June 2012., 20:02:03 »

Thanks for warning pal. :thumbsup:

Here is Microsoft's patch for MS12-037: http://technet.microsoft.com/en-us/security/bulletin/ms12-037

Posted by: Pez
« on: 13. June 2012., 11:51:23 »


Active Zero-Day Exploit Targets Internet Explorer Flaw

 On June 1, McAfee Labs discovered a new Microsoft Internet Explorer zero-day attack that is active in the wild and exploits a use-after-free vulnerability. We have successfully reproduced it with the latest IE8 and Windows 7. We have confirmed it’s a zero day and have been working with the Microsoft security team for their solutions. Today, Microsoft released the patch for MS12-037 and CVE-2012-1875, which Microsoft assigned to the issue we identified. At Microsoft’s request, we coordinated the release of this blog with the release of the patch.

The exploit works across all major Windows platforms, including Windows Vista and Windows 7. It leverages return-oriented programming (ROP) exploitation technology to bypass with data execution (DEP) and address space layout randomization (ASLR) protections, and hook-hopping evasion techniques to evade host-based IPS detections. It requires the victim’s system to run an old Java virtual machine that came with a non-ASLR version of msvcr71.dll. If Java is not installed or there is no non-ASLR version of msvcr71.dll in the system, the exploit won’t work, although it will cause IE to crash.

On Windows XP, the vulnerability can be reliably exploited without any third-party component. We found the exploit tried to download and execute a binary from a remote server. The server was hosted by Yahoo and was taken down the same day we reported this to Microsoft.

McAfee NSP customers are protected by signature 0x402be000, HTTP: Microsoft Internet Explorer Same ID Property Remote Code Execution. McAfee will release a Security Advisory with coverage details on all McAfee products.

I thank my colleagues Zheng Bu and Bing Sun for their analysis of the vulnerability and exploit.


Orginal article: Tuesday, June 12, 2012 at 1:02pm by Yichong Lin

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023