NEW Vulnerability Found in Every Single Version of Internet Explorer 4/28 | |
El_Duderino
User ID: 57360954 Spain 04/28/2014 03:53 PM Report Abusive Post Report Copyright Violation | The vulnerability, which could allow remote code execution, is being used in "limited, targeted attacks," according to an advisory issued by Microsoft. While all versions of the web browser, IE 6 through 11, are affected by the vulnerability, attacks are currently targeting IE versions 9, 10 and 11, according to security firm FireEye, which first reported the flaw Friday. Quoting: Anonymous Coward 57402870 The attack leverages a previously unknown "use after free" vulnerability -- data corruption that occurs after memory has been released -- and bypasses both Windows DEP (data execution prevention) and ASLR (address space layout randomization) protections, according to FireEye. The vulnerability is currently being exploited by a group of hackers targeting financial and defense organization in the US, FireEye told CNET. MORE.... [link to www.cnet.com] Wait... You're telling me that there are people who still use Internet Explorer?!! We are not children of celestial fuckin' light, walkin' arm-in-arm into the Age of Aquarius. We are wankers who wreck the planet an' piss on each other, 'til half the world's starvin' an' the other half's busy findin' new ways to keep from noticin' it. That's the fuckin' limit've our potential, believe me. :jcbanner: |
411 (OP) User ID: 57402870 United States 04/28/2014 03:56 PM Report Abusive Post Report Copyright Violation | The vulnerability, which could allow remote code execution, is being used in "limited, targeted attacks," according to an advisory issued by Microsoft. While all versions of the web browser, IE 6 through 11, are affected by the vulnerability, attacks are currently targeting IE versions 9, 10 and 11, according to security firm FireEye, which first reported the flaw Friday. Quoting: Anonymous Coward 57402870 The attack leverages a previously unknown "use after free" vulnerability -- data corruption that occurs after memory has been released -- and bypasses both Windows DEP (data execution prevention) and ASLR (address space layout randomization) protections, according to FireEye. The vulnerability is currently being exploited by a group of hackers targeting financial and defense organization in the US, FireEye told CNET. MORE.... [link to www.cnet.com] Wait... You're telling me that there are people who still use Internet Explorer?!! :Jbsb: Yeah, but it's mostly the Gov. LMAO! US-CERT is aware of active exploitation of a use-after-free vulnerability in Microsoft Internet Explorer. This vulnerability affects IE versions 6 through 11 and could lead to the complete compromise of an affected system. MORE.... [link to www.us-cert.gov] |