Thursday, January 3, 2013
This attack uses Adobe Flash to exploit a vulnerability in Internet Explorer 8. Microsoft claims that the vulnerability only affects Internet Explorer 6-8 and that people using Internet Explorer 9-10 are not impacted. The attack involves the targeted compromise of legitimate websites thought to be of interest to or frequented by end users who belong to organizations that attackers wish to infiltrate.
The network penetration testing community already has the tools to test for it. There is now a Metasploit module (ie_cdwnbindinfo_uaf) that emulates this attack. This also menas that the vulnerability will be exploited rapidly, users are encouraged to take immediate mitigation steps. Users running Windoes XP should use a browser other than Internet Explorer and corporate security staff should review Microsoft’s recommendations to build a layered defence to protect staff. Microsoft's workaround options can be found at:
Microsoft FixIt workaround: