New IE zero-day attack reported

Security 10755 Published by

Researchers at network security company Fireeye have identified a zero-day exploit of Internet Explorer on a breached web site



From ZDNet:
The specific exploit targets the English versions of Internet Explorer 7 and 8 on Windows XP and IE8 on Windows 7. FireEye says their analysis indicates that the vulnerability behind it affects IE 7, 8, 9 and 10.

FireEye does not say if IE10 on Windows 8 is affected or if they examined IE11.

There are two vulnerabilities involved in the attack: the first is an information disclosure vulnerability which the exploit uses to retrieve the timestamp from the PE headers of msvcrt.dll (part of the Microsoft Visual C++ runtime). The second is an IE out-of-bounds memory access vulnerability, used to achieve code execution.
  New IE zero-day attack reported

The missing Lumia: a look at Nokia's unreleased 719C Windows Phone

Easily Share Microsoft Office Documents on Windows Phone with SkyDrive

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...