On the 1 Jan 2013, Johannes posted a diary on a Microsoft FixIt made available for IE as a way of mitigating the CVE-2012-4792 zero day attack. Researchers at Exodus Intelligence reported today they have developed a new attack that bypasses the FixIt issued by Microsoft. They were able to bypass and compromised a fully-patched system using some variation of the exploit published this week. You might want to take a second look at the diary published this week that is using EMET 3.5 as another tool to help defend your Windows systems against various attacks.
[1] https://isc.sans.edu/diary.html?storyid=14788 ----------- Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu |
Guy 523 Posts ISC Handler Jan 4th 2013 |
Thread locked Subscribe |
Jan 4th 2013 9 years ago |
Sign Up for Free or Log In to start participating in the conversation!