Educause Security Discussion mailing list archives

Re: 0-day exploit for Internet Explorer in the wild

From: Eva <elorenz () EMAIL UNC EDU>
Date: Wed, 10 Dec 2008 07:52:55 -0500

Sabo, Eric wrote:

SANS is reporting the following:
        http://isc.sans.org/diary.html?storyid=5458

Does anyone have any additional information on this?

Eric Sabo
Senior Windows Systems Engineer
Department of Computing Systems
California University of Pennsylvania



There is also another exploit in Wordpad - not patched yesterday. See
sans.org for additional details.

The IE exploit is supposed to start a program called ko[1].exe on fully
patched XP systems- based on the entry on a German site
http://www.heise.de/security/Acht-Update-Pakete-und-zwei-Zero-Day-Exploits-zum-Microsoft-Patchday--/news/meldung/120168

Current thread:

0-day exploit for Internet Explorer in the wild Sabo, Eric (Dec 10)
- <Possible follow-ups>
- Re: 0-day exploit for Internet Explorer in the wild Eva (Dec 10)
- Re: 0-day exploit for Internet Explorer in the wild Eva (Dec 10)
- Re: 0-day exploit for Internet Explorer in the wild Gregory N Pendergast/AC/VCU (Dec 10)
- Re: 0-day exploit for Internet Explorer in the wild Curt Wilson (Dec 10)
- Re: 0-day exploit for Internet Explorer in the wild Ken Connelly (Dec 10)
- Re: 0-day exploit for Internet Explorer in the wild Chuck Braden (Dec 10)
- Re: 0-day exploit for Internet Explorer in the wild Gregory N Pendergast/AC/VCU (Dec 11)