[ad] What? New vulnerabilities in Internet Explorer? You can hack Internet Exploder Explorer? Never! 3Com Corp’s TippingPoint division has discovered and disclosed two critical new vulnerabilities in Microsoft’s Internet Explorer through 3Com’s Zero Day Initiative (ZDI). The vulnerabilities could have allowed an attacker to gain control of a PC if the user was logged in […]
IE
Browser Security Test – Check Your Browser NOW!
I know this is old, but a lot of people still don’t know about it. It can test for up to date Mozilla, Opera and Internet Explorer flaws, exploits and vulnerabilities. Browser vulnerabilities are a serious issue now. You can see which vulnerabilities they test for here and the statistics of the tests results here. […]
MS and the new IE vulnerability – Object Tag
[ad] Can you see the irony? Just after 2 weeks that M$ released the Internet Explorer security makeover, Michal Zalewski came up with a highly critical exploit, as called by Secunia… based on a mishandling of the OBJECT tag…. Security alerts aggregator Secunia flagged the issue as “highly critical” and stressed that it can be […]
IE Address Bar Spoofing
I recently found on securityfocus mailinglist a bug in IE which can be exploited with a simple javascript code to spoof the address bar location… This allow attacker inject a malicious shockwave-flash application into Internet Explorer while it is display another URL (even trusted sites). The vulnerability has been confirmed on a fully patched system […]
Information about the Internet Explorer Exploit createTextRange Code Execution
[ad] Internet Storm Center’s always informative Diary has some good information. At the urging of Handler Extraordinaire Kyle Haugsness, I tested the sploit on a box with software-based DEP and DropMyRights… here are the results: Software-based DEP protecting core Windows programs: sploit worked Software-based DEP protecting all programs: sploit worked DropMyRights, config’ed to allow IE […]