In association with heise online

11 March 2010, 12:39

Exploit for new IE hole

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

MSFT Logo A public exploit for the new security hole in Internet Explorer 6 and 7 has now become available – as a module for the Metasploit exploit framework. Since it's likely that other websites will soon begin to actively exploit the hole, this will probably force Microsoft to promptly release a patch. Microsoft had previously only registered a few targeted attacks exploiting the hole in the iepeers.dll component to infect systems. Microsoft said therefore that it would continue to monitor the situation and recommended that users switch to Internet Explorer 8, which is not vulnerable. At the recent RSA conference, the creator of Metasploit, H.D. Moore, accused software vendors of only responding fast once an exploit is in circulation – it will be interesting to see if he's right again.

The Metasploit module is based on an analysis of the original exploit. It uses a flawed pointer dereferencing mechanism to execute injected code. This was discovered by Israeli developer Moshe Ben Abu after reading a post on McAfee's blog which mentioned the www.topix21century.com domain responsible for the original exploit.

The Metasploit module works with Microsoft Internet Explorer 7 under Windows Vista SP2, Internet Explorer 7 under Windows XP SP3 and Internet Explorer 6 under Windows XP SP3, but only if the data execution prevention (DEP) feature hasn't been enabled. Although the exploit isn't yet totally reliable.

See also:

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-952183
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit