Summary: Security company FireEye has found a zero-day exploit in Internet Explorer hosted on a breached web site in the United States. EMET may be used to mitigate.
Printable View
I'm glad I don't use IE any version. FF and Opera are better. ;)
Yep, right now I suppose that is true.
Quote:
The specific exploit targets the English versions of Internet Explorer 7 and 8 on Windows XP and IE8 on Windows 7. FireEye says their analysis indicates that the vulnerability behind it affects IE 7, 8, 9 and 10.
FireEye does not say if IE10 on Windows 8 is affected or if they examined IE11.
For anyone interested in EMET, here is an excellent review and guide for version 4.
http://www.dedoimedo.com/computers/windows-emet-v4.html
Excellent, thanks Han.
--
What make this attack a little more worrisome, is the fact that the second stage isn't written to a file. Rebooting would get rid of it of course but, without knowledge your system was compromised, how would you be able to tell if sensitive data was stolen?