In the public domain already has two options to exploit the vulnerability of non-elimination, which is actively exploited by hackers.
A newly discovered vulnerability in Microsoft Internet Explorer, which affects versions 7, 8 and 9 is used by hackers to install a Trojan application Poison Ivy on users’ systems. At the moment in the public domain are 2 options to exploit the vulnerability, available as a module for Metasploit Framework. The vulnerability was first reported on September 14, when security researcher Eric Romang (Eric Romang) said in his blog that he had found an exploit for a previously unknown vulnerability in Internet Explorer. According to the expert, he studied the compromised servers that used the hacker group members Nitro.
Vulnerable applications: Internet Explorer 7, 8 and 9 on Windows XP, Windows 2003, Windows Vista, Windows 2008 and Windows 7.
The notification Microsoft says that IE 10, which is only available in Windows 8, the vulnerability does not apply. One of the leaders of the company Rapid 7 HD Moore in an interview for Computerworld to the question of whether a vulnerable IE 10, said: “I think so,” and added that his team will soon examine the existence of a browser vulnerability.
Eesterday, Microsoft has released a security alert that describes the gap in Internet Explorer. As a temporary solution the manufacturer recommends the following:
- Configure EMET
Run the following command:
For 32-bit systems
“C: \ Program Files (x86) \ EMET \ EMET_Conf.exe” – add “c: \ Program Files (x86) \ Internet Explorer \ iexplore.exe”
For 64-bit systems
“C: \ Program Files (x86) \ EMET \ EMET_Conf.exe” – add “c: \ Program Files \ Internet Explorer \ iexplore.exe”
- Use enhanced security for Internet zone and Local intranet to block ActiveX components and ActiveScripting in these zones