Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Microsoft Announces Out-of-Band Security Bulletin for the IE Vulnerability - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Microsoft Announces Out-of-Band Security Bulletin for the IE Vulnerability

Microsoft posted "an advance notification of one out-of-band security bulletin that Microsoft is intending to release on January 21, 2010. The bulletin will be for Internet Explorer to address limited attacks against customers of Internet Explorer 6, as well as fixes for vulnerabilities rated Critical that are not currently under active attack."

For details, see:

http://www.microsoft.com/technet/security/bulletin/ms10-jan.mspx

Update:

Microsoft also posted a comprehensive overview of the exploits that target this vulnerability. See:

http://blogs.technet.com/srd/archive/2010/01/20/reports-of-dep-being-bypassed.aspx

 -- Lenny

Lenny Zeltser - Security Consulting
Lenny teaches malware analysis at SANS Institute. You can find him on Twitter.

Lenny

216 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!