[postlink]http://tubehack.blogspot.com/2010/01/aurora-ie-exploit-used-in-chinese.html[/postlink]http://www.youtube.com/watch?v=n3ylpobYbg8endofvid
[starttext]
The Aurora IE Exploit in Action: http://praetorianprefect.com/archives...
Per Microsofts Advisory 979352: In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.. Earlier today this entry from yesterday at Wepawet (an online analysis engine for malware) was pointed out to H.D. Moore, and within hours Metasploit has an exploit of the vulnerability integrated. McAfee has confirmed that the exploit is out and the same one they saw during the investigation. The video below demonstrates how crackers initially gained access to the corporate networks of Google, et al. using this zero day attack.
[endtext]
[starttext]
The Aurora IE Exploit in Action: http://praetorianprefect.com/archives...
Per Microsofts Advisory 979352: In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.. Earlier today this entry from yesterday at Wepawet (an online analysis engine for malware) was pointed out to H.D. Moore, and within hours Metasploit has an exploit of the vulnerability integrated. McAfee has confirmed that the exploit is out and the same one they saw during the investigation. The video below demonstrates how crackers initially gained access to the corporate networks of Google, et al. using this zero day attack.
[endtext]