Zero-day IE Exploit Increases


....We are starting to see some infections of sites that are using this technique to exploit vulnerable machines and run malicious code without user-intervention. This, combined with the increase in published proof-of-concept code that performs malicious actions other than simply running calc.exe (like the original POC code), leads us to believe that more widespread infections are possible.

We have also seen sites that are attempting to use the Internet Explorer exploit but have programming logic problems and errors. A couple of these sites have also been blogs that have RSS functionality enabled. WebsenseŽ - Security Labs Alert: Zero-day IE Exploit Increases

Linked by shanmuga Friday, 2nd December 2005 8:47PM