0-Day Microsoft XML Core Services Vulnerability Hits Internet Explorer
Sunday November 5, 2006 at 5:39 am CST
Posted by Craig Schmugar
Microsoft recently posted Security Advisory (927892) for a critical vulnerability in Microsoft XML Core Services. This vulnerability was discovered in the field and allows for remote code execution. This equates to another means for drive-by attacks via Internet Explorer. Exploitation is not believed to be wide spread at this time, but we can expect exploit code to become public early in the week at which point exploitation will pick up exponentially.
Workarounds include setting the kill bit for the XMLHTTP 4.0 ActiveX Control and modifying Internet Explorer’s security settings. For more information, see:
http://www.microsoft.com/technet/security/advisory/927892.mspx
McAfee Avert Labs is currently analyzing this threat.
November 5th, 2006 at 5:55 am
[…] One of my buddies at McAfee Avert Labs has posted on a new IE zero-day exploit making the rounds. Tho he would never admit to it, Craig Schmugar is one of the finest researchers in the security industry and a fairly prolific blogger himself. […]
November 6th, 2006 at 12:49 pm
[…] to improve the safety of your browser. Share this post: email it! | bookmark it! | digg it! | live it! Published Monday, November 06, 2006 8:43 PM byharry […]
November 15th, 2006 at 2:01 pm
[…] Trackback On Sunday November 5th, we blogged about a 0-day exploit discovered in the wild that was targeting a Microsoft XML Core Services vulnerability. McAfee Avert Labs had been tracking and monitoring the payload deployed by this exploit. […]