An IE7 0-day is in the wild today. Proof-of-concept code is available on the Milw0rm site.

SANS has a write-up on the 0-day that “is *not* patched with MS08-073 that was released yesterday. I can confirm that the exploit works in a fully patched Windows XP machine.”

From Milw0rm:

// k`sOSe 12/10/2008 – tested on winxp sp3, explorer 7.0.5730.13

// windows/exec – 141 bytes
// EXITFUNC=seh, CMD=C:\WINDOWS\system32\calc.exe


# [2008-12-10]

The folks at Websense should have an alert posted shortly. And here is the link for the Secunia advisory. McAfee has a posting regarding this matter.


UPDATE: (Dec. 12) Also affects IE5, IE6 and IE8.
