Internet Explorer Zero-Day Discovered, Metasploit Module Released

A new 0-Day IE exploit puts a lot of internet users at risk. According to Rapid7 (creator of the Metasploit testing platform) the new zero-day, discovered by security researcher Eric Romang, affects IE 7,8 and 9 on Windows XP, Vista (Anyone really use that anymore?) and Windows 7.

The Zero-Day was found when Eric was analyzing a machine that was infected with “Poison Ivy” a malicious remote administration tool (RAT). Apparently the 0-Day was actually used to install Poison Ivy, possibly by the “Nitro” hacker gang.

Check out the video Eric made (above) and his website for more information.

Microsoft urged users to use their free security tool, the Enhanced Mitigation Experience Toolkit (EMET). Rapid7 countered this saying that the stop-gap does not work well in all circumstances and should switch to another browser until a security patch to IE is released.

Rapid7 also released a Metasploit module (pictured above) so corporate security teams could test their networks to see if they are vulnerable to the exploit. All Metasploit users need to do is just update their install and the module will be pulled down. Backtrack users can simply run “msfupdate”.

5 thoughts on “Internet Explorer Zero-Day Discovered, Metasploit Module Released”

  1. Hmm… I wonder if this has been patched. I have tried a Win7 box and a WinXP box and its a no go on both of them. Gonna try another XP and see how that goes

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.