Wazoo Posted December 16, 2008 Share Posted December 16, 2008 Ended up flipping a coin a to whether to post here or in Announcements, as this does not actually deal with a SpamCop.net issue. On the down side, it's hard to say how many folks will actually navigate their way here ..??? Per the Advisory: Vulnerability in Internet Explorer Could Allow Remote Code Execution, Microsoft has been very busy. Unfortunately, this includes adding more versions of IE to the list. The suggested 'fixes/workarounds' thus far have been pretty much poo-poo'd by most security folks. Not stated in this Advisory is a currently much replicated announcement that Microsoft is planning on released a patch tomorrow .. definitely way off their normally scheduled 'patch Tuesday' mode. If you are using IE and the Windows update isn't set for some kind of automatic mode, please make sure that you manually hit the Windows Update site tomorrow to at least look to see if this patch actually did make it out. Of course, the suspected follow-on issue is just what versions will be provided with a patch, suspecting those IE5 and IE6 users may find themselves left out. The problem is that the exploits are already out there and apparently spreading pretty fast. Example article; Microsoft Issuing Emergency Patch For Internet Explorer The company on Saturday warned that 1 in 500 Internet Explorer users worldwide may have been exposed to malware hosted at both legitimate Web sites and porn sites that exploit an unpatched vulnerability. Microsoft confirmed finding exploit code on a search engine in Taiwan and on a Web site in Hong Kong that serves adult entertainment content. "Based on our stats, since the vulnerability has gone public, roughly 0.2% of users worldwide may have been exposed to websites containing exploits of this latest vulnerability," Microsoft Security Response Center researchers Ziv Mador and Tareq Saade said in a blog post. "That percentage may seem low, however it still means that a significant number of users have been affected. The trend for now is going upwards: We saw an increase of over 50% in the number of reports today compared to yesterday." ........ Microsoft however says it is aware only of attacks affecting Internet Explorer 7 under the following systems: Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008. ....... In a blog post on Tuesday titled "Stop Viewing Porn in Internet Explorer... For Now," Graham Cluley, senior technology consultant at Sophos, said that his company is seeing about 20,000 new infected Web pages appearing every day and that most of those sites are legitimate sites compromised by SQL injection attacks. Stephan Chenette, manager of security research at Websense Security Labs, said in a phone interview that he's seeing a lot more legitimate sites being infected than porn sites. "I would characterize the severity as quite critical," he said. "It has quickly become the exploit of choice among attackers." Needless to say, that last paragraph seems to be the scariest. Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.