Tag Archive | "IE-exploit"


19 February 2014 | 1,259 views

2 Different Hacker Groups Exploit The Same IE 0-Day

It hasn’t been too long since the last serious Internet Explorer 0-day, back in November it was used in drive-by attacks – Another IE 0-Day Hole Found & Used By In-Memory Drive By Attacks. And earlier last year there was an emergency patch issued – Microsoft Rushes Out ‘Fix It’ For Internet Explorer 0-day Exploit. […]

Continue Reading


12 November 2013 | 1,553 views

Another IE 0-Day Hole Found & Used By In-Memory Drive By Attacks

So another IE 0-Day has been uncovered, and is in use in the wild for drive-by attacks on unwitting web users. I have to say, technically speaking, this attack is rather impressive – in terms of the exploit, the delivery method and the way that it runs. It retrieves the PE headers from a DLL […]

Continue Reading


04 January 2011 | 9,701 views

Internet Explorer Zero-Day Accidentally Leaked To Chinese Hackers

First up, happy new year – let’s hope 2011 is an interesting year for the infosec community. Anyway today’s story is about the recently released tool cross_fuzz by Michal Zalewski and an inadvertent leak that have occurred. tl;dr version is something like this: Michal Zalewski writes a DOM fuzzer, fuzzes IE, finds flaws, Chinese dudes […]

Continue Reading


21 January 2010 | 7,939 views

Microsoft Releases Out-Of-Band Patch For IE 0-Day Vulnerability

Ah Microsoft is treating this one seriously after France and Germany advised users to avoid IE. The current strain being exploited only targets IE6 users, but one security company has developed an exploit for IE8 which also bypasses DEP (Data Execution Prevention). It was rumoured this was the exploit used last week to compromise Google […]

Continue Reading


15 December 2008 | 7,900 views

IE7 Exploit Also Affects IE5, IE6 and IE8! More Users In Trouble

I’m sure you’ve heard about the Microsoft IE7 Exploit that allows Remote Code Execution on XP & Vista, it turns out it’s actually much worse than first expected. The exploit also affects IE5.01, IE6 and IE8 on all OS versions! That’s a pretty worrying turn of events for MS especially as they are seemingly leaving […]

Continue Reading


11 December 2008 | 7,147 views

Microsoft IE7 Exploit Allows Remote Code Execution on XP & Vista

It seems a new, fairly serious flaw has been discovered in Internet Explorer 7 – and as accounts go it’s been around for a couple of months in the underground. The worrying part is, patch Tuesday was yesterday and after testing it’s been discovered that this flaw WAS NOT patched in the updates. ISC reports […]

Continue Reading


02 May 2006 | 6,711 views

Proof of Concept for Internet Explorer Modal Dialog Exploit

Pretty interesting and imaginative way to exploit the flaw in IE…yeah I know linked to ActiveX again, all the more reason to use Firefox right? It just shows that the browser really is a point of entry, this could be useful for a penetration test, another way to show how easy it is to get […]

Continue Reading


13 April 2006 | 4,703 views

New Critical MEGApatch fixes 10 Vulnerabilities in Internet Explorer

Well how many does that leave unpatched? 30+ if I remember correctly from the PivX page that got taken down mysteriously. Microsoft on Tuesday released a “critical” Internet Explorer update that fixes 10 vulnerabilities in the Web browser, including a high-profile bug that is already being used in cyberattacks. The Redmond, Wash., software giant sent […]

Continue Reading


04 April 2006 | 9,791 views

IE Address Bar Spoofing

I recently found on securityfocus mailinglist a bug in IE which can be exploited with a simple javascript code to spoof the address bar location… This allow attacker inject a malicious shockwave-flash application into Internet Explorer while it is display another URL (even trusted sites). The vulnerability has been confirmed on a fully patched system […]

Continue Reading


27 March 2006 | 6,892 views

Information about the Internet Explorer Exploit createTextRange Code Execution

Internet Storm Center’s always informative Diary has some good information. At the urging of Handler Extraordinaire Kyle Haugsness, I tested the sploit on a box with software-based DEP and DropMyRights… here are the results: Software-based DEP protecting core Windows programs: sploit worked Software-based DEP protecting all programs: sploit worked DropMyRights, config’ed to allow IE to […]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·