Saturday, June 24, 2017
Home / Security / Exploits / Internet Explorer zero-day exploited in wild

Internet Explorer zero-day exploited in wild

While searching around a compromised server that was being used to exploit Java vulnerabilities, a security researcher stumbled upon an additional exploit that he claims takes advantage of a undiscovered security hole in the fully patched versions of Microsoft Internet Explorer 7 and 8.

Eric Romang found four files on the server: an executable, a Flash Player movie and two HTML files called exploit.html and protect.html

When users visit the exploit.html page, it loads the Flash movie, which successively loads the additional HTML page, protect.html. Collectively, they help drop the executable on to the victim’s computer. At this point, aggressors have everything they need to drop any applications they like on the victim’s machine, whether it’s to join a botnet or conduct assaults. In this case, the dropper executable installs a different program when the victim next logs in.

The vulnerability has also been an interest by developers working on the Metasploit exploit framework, and an early version of a module exploiting the zero-day has already been created.

 

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Amazon hacked – hacker leaks 80,000 login credentials

A hacker going by the name 0x2Taylor has said to have breached the servers of …