Researchers at Exodus Intelligence reported being able to bypass the Fix-It workaround Microsoft had released Monday for the latest zero-day vulnerability in Internet Explorer.
While the Fix-It blocked the exact attack path used in the attack against the Council on Foreign Relations website, researchers were able to "bypass the fix and compromise a fully-patched system with a variation of the exploit," according to Friday's post on the Exodus blog.
Microsoft has been informed of the new exploit, according to the post. Exodus researchers said they would not disclose any details of their exploit until Microsoft patches the hole.
The Fix-It was intended to be a temporary fix while the company worked on the full patch to close the security hole. Microsoft has not said when the full update to Internet Explorer would be available, and it is not expected to be included in next week's scheduled Patch Tuesday release.
Users should download and install Microsoft's Enhanced Mitigation Experience 3.5 toolkit "as another tool to help defend your Windows systems against various attacks," SANS Institute's Guy Bruneau wrote on the Internet Storm Center blog. An earlier ISC post had demonstrated how EMET 3.5 could block attacks targeting the IE vulnerability.
More Compromised Sites Found
FireEye researchers first identified the zero-day flaw when they found the Council on Foreign Relations website had been compromised and was serving up malicious Flash files to unsuspecting visitors. It turns out a number of other political, social and human rights sites in the U.S., Russia, China and Hong Kong have also been infected and were distributing malware.
The CFR attack may have begun as early as Dec. 7, FireEye said. Attackers used today.swf, a malicious Adobe Flash file, to launch a heap spray attack against IE that allowed the attacker to remotely execute code on the infected computer.
Avast researchers said two Chinese human rights sites, a Hong Kong newspaper site and a Russian science site had been modified to distribute a Flash file exploiting the vulnerability in Internet Explorer 8. Security researcher Eric Romang found the same attack on energy microturbine manufacturer Capstone Turbine Corporation's website, as well as on the site belonging to the Chinese dissident group Uygur Haber Ajanski. Capstone Turbine may have been infected as far back as Dec. 17.
Back in September, Capstone Turbine's website had been modified to distribute malware exploiting a different zero-day vulnerability, Romang said.
Symantec researchers have linked the latest attacks to the Elderwood group, which has used other zero-day flaws to launch similar attacks in the past. The group re-used components from the "Elderwood" platform and distributed similar Flash files to its victims, Symantec said. The malicious Flash file that infected Capstone Turbine visitors had several similarities with the Flash file previously used by the Elderwood gang in other attacks, Symantec said.
"It has become clear that the group behind the Elderwood Project continues to produce new zero-day vulnerabilities for use in watering hole attacks and we expect them to continue to do so in the New Year," according to Symantec.
Researchers Bypass Microsoft Fix-It for IE Zero-Day