Alert: 0 Day Exploit in the Wild
I need to make sure this information is getting out so pardon my interruption with our discussion on the botnet issue.
On December 10th, the Handlers Diary at SANS Internet Storm Center published a notice that a zero day exploit had been found posted on the Internet and that this exploit was attacking FULLY PATCHED systems of Microsoft Windows XP.
The post has been updated and Microsoft has issued a statement about it. Microsoft Security Advisory (961051) does not include a fix yet. According to them, they are still investigating.
This exploit affects several Microsoft Operating systems using Internet Explorer 7.
My advice to you is to use Firefox!
The servers that are hosting the exploit are being reported on Shadowserver so you can enable a block. You can access those IP addresses here:
http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20081210
The method of infecting the server is none other than SQL injection!
Please be careful about surfing within IE 7 until this patched!
Leave a Reply
 |
 |
 |
|
||
 |
|
 |
|
||
