Glenn9999 Posted December 16, 2008 Share Posted December 16, 2008 (edited) http://www.computerworld.com/action/articl...ticleId=9123118http://www.computerworld.com/action/articl...tsrc=hm_ts_headhttp://www.msnbc.msn.com/id/28258894REDMOND, Wash. - Microsoft Corp. is taking the unusual step of issuing an emergency fix for a security hole in its Internet Explorer software that has exposed millions of users to having their computers taken over by hackers.Microsoft said it has seen attacks targeting the flaw only in Internet Explorer 7, the most widely used version, but has cautioned that all other current editions of the browser are vulnerable.http://www.microsoft.com/technet/security/...n/ms08-dec.mspxIt effects everything Internet Explorer.Probably related to this: http://www.microsoft.com/technet/security/...ory/961051.mspx Edited December 16, 2008 by Glenn9999 Link to comment Share on other sites More sharing options...
cluberti Posted December 17, 2008 Share Posted December 17, 2008 http://www.microsoft.com/technet/security/...n/MS08-078.mspxIt's available. Install it now. Link to comment Share on other sites More sharing options...
Zxian Posted December 17, 2008 Share Posted December 17, 2008 Thanks cluberti. Downloaded and installed on all my machines. Link to comment Share on other sites More sharing options...
Dude111 Posted December 17, 2008 Share Posted December 17, 2008 Anyone have a proof of concept link to test your browser? Link to comment Share on other sites More sharing options...
cluberti Posted December 17, 2008 Share Posted December 17, 2008 Anyone have a proof of concept link to test your browser?http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4844 - links there (obviously not a direct link to the exploit). Link to comment Share on other sites More sharing options...
Dude111 Posted December 19, 2008 Share Posted December 19, 2008 I couldnt find the link to test this.......http://secunia.com/advisories/33089That page doesnt have a link to test.... (Im just curious) Link to comment Share on other sites More sharing options...
cluberti Posted December 19, 2008 Share Posted December 19, 2008 The link I posted above has 2 links (the first two, I think) that contain HTML pages that will repro. Link to comment Share on other sites More sharing options...
Dude111 Posted December 19, 2008 Share Posted December 19, 2008 OK i tried bothMILW0RM:7403 andMILW0RM:7410 Both did nothing,all i saw was text on my screen.. (Im using IE6) Link to comment Share on other sites More sharing options...
cluberti Posted December 19, 2008 Share Posted December 19, 2008 OK i tried bothMILW0RM:7403 andMILW0RM:7410 Both did nothing,all i saw was text on my screen.. (Im using IE6)What text did you see? Was it HTML code? Link to comment Share on other sites More sharing options...
Dude111 Posted December 20, 2008 Share Posted December 20, 2008 No it was just a script... (Like your supposed to put it in notepad and create a LOCAL .htm file to test it)I dunno,no biggie i guess....... What do you see when you try these? Link to comment Share on other sites More sharing options...
cluberti Posted December 20, 2008 Share Posted December 20, 2008 The same - you are supposed to copy that text into an empty .html file, save it, then run it (that's the code that should exploit the vulnerability). Like I said links to the code, but nothing direct (not even the links to the scripts themselves) for obvious reasons. Link to comment Share on other sites More sharing options...
Dude111 Posted December 22, 2008 Share Posted December 22, 2008 Ah ok,i dunno if i wanna try it,have you tried doing that? What happened if you did?? (I assume its just an example and nothing will be sent to anyone) Link to comment Share on other sites More sharing options...
cluberti Posted December 22, 2008 Share Posted December 22, 2008 The one runs calc.exe, as an example. The code there is harmless, but obviously the exploit is not. Link to comment Share on other sites More sharing options...
Dude111 Posted December 23, 2008 Share Posted December 23, 2008 (edited) Ill try it then Ill let cha know EDIT:I tried 7410 and it just bogged down my browser,nothing happend.... Finally i ended task on my browser and came back here...... Edited December 23, 2008 by Dude111 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now