Jump to content

IE7 vulnerability exploitation spreading - protect yourself


Recommended Posts

Maybe its a bit boring for someone to read the Microsoft Security Update, in my URL(above).

But the MBAM Team is not "someone". I tried to inform the Team about this particular threat. I would appreciate therefore some kind of feedback please.

Thanks.

TrDo.

Link to post
Share on other sites

Maybe its a bit boring for someone to read the Microsoft Security Update, in my URL(above).

But the MBAM Team is not "someone". I tried to inform the Team about this particular threat. I would appreciate therefore some kind of feedback please.

Thanks.

TrDo.

and to add to this:

Out-of Band Microsoft Security Bulletin Advance Notification for

December 2008

Issued: December 16, 2008

********************************************************************

This is an advance notification of an out-of-band security bulletin

that Microsoft is intending to release on December 17, 2008.

The full version of the Microsoft Security Bulletin Advance

Notification for December 2008 can be found at

http://www.microsoft.com/technet/security/...n/ms08-dec.mspx.

you can read it here

http://news.bbc.co.uk/2/hi/technology/7784908.stm

Recommendation on this website is that until Microsoft issues the patch tomorrow, you should be using another browser like Firefox.

robin

Link to post
Share on other sites

Malware scripts are more in line with what antivirus software should protect you against . That being said we do know all about this and are actively hunting exploit sites so that we can stop the malware they attempt to drop . What we have seen so far is mostly Spyware.Onlinegames coming from these .

That being said I would still use an alt browser and unregister that dll for now (there are firefox exploits that could load an IE page with this exploit so firefox alone is not enough) .

All it takes is an exploit to be paired with a 0day threat and you will be infected no matter what you have for security .

Link to post
Share on other sites

Bruce,

I would agree with you that malware scripts are AV's software job. Was just wondering if MBAM can track it on the Demand Scan, not during the Protection scan (I've got the Premium Ed of MBAM).

Thanks a lot. I got the picture.

TrDo.

P.S. Sho-Dan, thank you also. We'll wait for this security update and see how it goes.

Link to post
Share on other sites

Malware scripts are more in line with what antivirus software should protect you against . That being said we do know all about this and are actively hunting exploit sites so that we can stop the malware they attempt to drop . What we have seen so far is mostly Spyware.Onlinegames coming from these .

That being said I would still use an alt browser and unregister that dll for now (there are firefox exploits that could load an IE page with this exploit so firefox alone is not enough) .

All it takes is an exploit to be paired with a 0day threat and you will be infected no matter what you have for security .

Don't sandbox-HIPS type programs like DefenseWall, GeSWall, Sandboxie, etc. all protect against this IE vulnerability by running the browser isolated?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.