IE vulnerability

Drone · Dec 14, 2012

This December seems to be an annoying one. Vulnerability in flash made IE and Chrome vulnerable. We had Cumulative Security Update for Internet Explorer but now there's other unpatched vulnerability ... in IE ... gosh not again :rolleyes:

All these <specially crafted webpages> ...

Spider.io claims to have discovered a flaw that affects IE, versions 6 through 10. The vulnerability reportedly allows the mouse cursor position to be tracked wherever it is on the screen - even if IE is minimized.

Wow ...

The vulnerability was not addressed in the most recent security update for IE. Spider.io asserts that the flaw is being actively exploited, and claims the Microsoft Security Research Center (MSRC) <has acknowledged the vulnerability>, but has no immediate plan to patch it.

Lolwut ...

Qualys CTO Wolfgang Kandek expressed concerns over the implications such a vulnerability might have for online banking. Many banks have implemented on-screen virtual keyboards for entering account credentials as a means of avoiding traditional keylogger attacks.

Andrew Storms, director of security operations for nCircle, agrees. “This exploit renders that mitigation null and void - it has the effect of a key logger on virtual keyboards. Attackers could potentially capture the clicks connected with banking credentials using this exploit and that isn't good news for the 63 million Americans that bank online.”

Whateva ..

Ok people, be safe.

thxbai

Hybrid_theory · Dec 24, 2012

i just find its hilarious that it affects basically all current versions of IE. good job microsoft.

eidairaman1 · Dec 24, 2012

this is just like the same thing with key loggers

Drone · Jan 5, 2013

IE ... poor thing give it a break ...

Hackers find another zero-day hole in Internet Explorer

An elite hacker group credited last year with having an inexhaustible supply of zero-day vulnerabilities was responsible for digging up and first using the newest unpatched bug in IE, a Symantec manager said.

The gang, dubbed "Elderwood" after a source code variable regularly used by the hackers, had been profiled last September by Symantec in a research paper that outlined its strategies as well as its hacking tactics.

Drone · Jan 16, 2013

Microsoft Fixes IE Zero-Day Bug

Microsoft rolled out an update for Internet Explorer (versions 6, 7, and 8) to close the the zero-day vulnerability which had already been used in several targeted attacks recently.

Well done.

lyndonguitar · Jan 16, 2013

only the cursor? I'll not be surprised if somehow keys can be logged as well

but has no immediate plan to patch it.

good job! lol is this fixed yet?

System Name	home brew
Processor	Intel Corei7 3770K OC @ 4.5Ghz
Motherboard	ASUS P8Z77-V
Cooling	Corsair H100
Memory	16GB DDR3 1600 GSKILL
Video Card(s)	Powercolor Radeon 7970, MSI Radeon 7970
Storage	Mushkin Chronos Deluxe 240gb. 2 TB Hdd.
Display(s)	3x24inch Dell Ultra IPS
Case	CM storm trooper
Power Supply	Antec Quattro OC ed. 1200w
Software	Windows 7 Business x64
Benchmark Scores	vantage: P43089

System Name	PCGOD
Processor	AMD FX 8350@ 5.0GHz
Motherboard	Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling	Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory	16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s)	AMD Radeon 290 Sapphire Vapor-X
Storage	Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s)	NEC Multisync LCD 1700V (Display Port Adapter)
Case	AeroCool Xpredator Evil Blue Edition
Audio Device(s)	Creative Labs Sound Blaster ZxR
Power Supply	Seasonic 1250 XM2 Series (XP3)
Mouse	Roccat Kone XTD
Keyboard	Roccat Ryos MK Pro
Software	Windows 7 Pro 64

System Name	X6 \| Lyndon-ROG
Processor	Intel Core i7-8700k \| Intel Core i7 6700HQ
Motherboard	Gigabyte Z370 Aorus Gaming 5 \| Asus ROG-GL552VX
Cooling	Deepcool Captain 240EX
Memory	16GB Corsair Vengeance LED \| 8 GB
Video Card(s)	NVIDIA GTX 1080 8 GB GDDR5X \| NVIDIA GeForce GTX 950M 4GB
Storage	SSDs: 500GB, HDDs: 2TB, 2TB, 3TB \| SSD: 250GB, HDD: 1TB
Display(s)	Samsung 49" CHG90 3840x1080@144Hz, Panasonic 32" HDTV, \| 15.6"1080p
Case	Cougar Panzer Max
Audio Device(s)	HyperX Cloud II \| Corsair Gaming H1500 7.1 \| ROCCAT Kave 5.1 \| Edifier M3200
Power Supply	EVGA 750GQ
Mouse	Logitech G403 \| Razer Deathadder Chroma \| Logitech G302 \| Mad Catz Cyborg R.A.T. 5
Keyboard	Corsair Vengeance K70 Cherry MX Red
Software	Windows 10

IE vulnerability

Drone

Hybrid_theory

eidairaman1

The Exiled Airman

Drone

Drone

lyndonguitar

I play games