'Aurora' Exploit Retooled To Bypass Internet Explorer's DEP Security
Kelly Jackson Higgins writes on Dark Reading:
Security experts' worst fears about the Internet Explorer exploit used to hack Google and others has been realized: It can be retooled to beat IE's best defense, the Data Execution Protection (DEP) feature.More here.
Chaouki Bekrar, CETO of VUPEN Security, says his team was able to bypass DEP on IE8 and execute arbitrary code. "We first used this technique a few weeks ago when we exploited another IEb8 vulnerability [that was] fixed with MS09-072," Bekrar says. He says VUPEN has sent its exploit code to Microsoft for review. IDS, IPS, and antivirus vendors also were given access to it via the company's vulnerability analysis service.
DEP is one of the key defenses against the original Aurora exploit code, which to date has been threatening only IE 6 users in the wild after being released in the wake of the recent hacks of Google and other firms.