Full Disclosure mailing list archives
Re: Microsoft patches the WMI Object Broker bug
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Wed, 1 Nov 2006 15:16:43 -0500
More here: http://www.eweek.com/article2/0,1759,2048968,00.asp?kc=EWRSS03119TX1K0000594 http://tinyurl.com/w2gcz An "extremely critical" vulnerability in Microsoft Visual Studio 2005 could put users at risk of remote code execution attacks, the company confirmed Nov. 1. ADVERTISEMENT The Redmond, Wash., software maker issued a security advisory with pre-patch workarounds and warned that the flaw is already being used in zero-day attacks. "We are aware of proof of concept code published publicly and of the possibility of limited attacks that are attempting to use the reported vulnerability," Microsoft said in the advisory. and here: http://www.betanews.com/article/Microsoft_Scrambling_to_Patch_Exploit/1162401603 http://tinyurl.com/y394vx This morning, Microsoft Security announced it has been alerted to proof-of-concept code that may already have been referenced in the creation of a malicious exploit. Although details about the exploit itself have not yet be revealed, according to this morning's advisory, the point of weakness is a Windows library that is shipped with Visual Studio 2005, called wmiscriptutils.dll. Apparently a call to this library, placed from within a script executed in some installations of Internet Explorer 7 with default settings, on operating systems other than Windows Server 2003, can trigger possible unguarded remote malicious code execution. On 11/1/06, H D Moore <fdlist () digitaloffense net> wrote:
http://www.microsoft.com/technet/security/advisory/927709.mspx The Metasploit 2 module (ie_createobject)[1] has been exploiting this bug since it was released in August. Glad to see they finally noticed. Thanks to Aviv for noticing / sending me the link. -HD 1. http://metasploit.com/projects/Framework/exploits.html#ie_createobject _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Microsoft patches the WMI Object Broker bug H D Moore (Nov 01)
- Re: Microsoft patches the WMI Object Broker bug H D Moore (Nov 01)
- Re: Microsoft patches the WMI Object Broker bug Dude VanWinkle (Nov 01)