Tuesday, August 09, 2005

Exploit for IE vulnerability (MS05-038) appears same day as patch

Well, I'd recommend that users patch this hole immediately, because over on FrSIRT, an exploit for this vulnerabilty has already shown up. Details on both below.

Microsoft Security Bulletin:

Microsoft Security Bulletin MS05-038
Cumulative Security Update for Internet Explorer (896727)
Impact of Vulnerability:
Remote Code Execution
Maximum Severity Rating:
Critical

FrSIRT Exploit Advisory:

Microsoft Internet Explorer COM Objects Instantiation Exploit (MS05-038)
Date : 09/08/2005
Advisory : FrSIRT/ADV-2005-1353
CVE : CAN-2005-1990
Rated as : Critical

0 Comments:

Post a Comment

<< Home