[Owasp-singapore] After the recent Firefox 0-day, now it is IE's turn.

Wong Onn Chee ocwong at usa.net
Fri Nov 5 06:39:43 EDT 2010


No patch for this 0-day by next Tue.

On 11/04/2010 10:12 AM, Wong Onn Chee wrote:
> http://www.microsoft.com/technet/security/advisory/2458511.mspx
> http://www.cso.com.au/article/366801/hackers_exploit_unpatched_ie_bug_drive-by_attacks?eid=-302&uid=45760
> "Antivirus vendor Symantec said that it had first seen exploits aimed 
> at the IE bug several days ago when it came across spam that had been 
> sent to select individuals within some organizations. The messages 
> posed as hotel reservation notifications.
> "Within the e-mail, the perpetrators added a link to a specific page 
> hosted on an otherwise legitimate site," said Symantec researcher 
> Vikram Thakur in an entry on his company's blog 
> <http://www.symantec.com/connect/pt-br/blogs/new-ie-0-day-used-targeted-attacks> 
> . "The hackers had gotten access to the Web site account and uploaded 
> content without the owners knowing."
> -- 
> Best Regards
> Onn Chee
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-singapore/attachments/20101105/a8344db9/attachment.html 

More information about the Owasp-singapore mailing list