New IE Zero Day
RebootKid writes "Microsoft has released a notice about a new zero day attack against Internet Explorer. Guess it's going to be more a 'Script Kiddie Christmas,' less of a 'White Christmas.' 'Ok, fess up — who asked for an IE 0 day for Christmas? I'm guessing Santa got his lumps of coal mixed up with a bag of exploits. This exploit has been discussed over the last day or so on full disclosure and a number of other sites. Metasploit already has a module available for it (just search for CSS & IE). Microsoft has put out an advisory 2488013 regarding the issue which manifests itself when a specially crafted web page is used and could result in remote code execution on the client.'"
Re:Misleading report (Score:3, Interesting)
Reference? The CVE description says:
I can attest to that (Score:4, Interesting)
When I went to a 64-bit OS I decided I'd force DEP on. Windows actually has 4 DEP modes: always off, always on, opt in, opt out. It just only shows the opt in and opt out choices in the GUI. So I turned it on. After all, this was some time since DEP had come about, figured things would be fine.
Wrong answer. Tons of apps bombed on DEP errors. Seems lots of apps like to execute from memory they forgot to mark for code. I tried the opt out mode for a bit, figuring that I'd just add the apps that were problems, but it got to be too much since you have to do it by hand (there isn't an "add exception" button in the error or anything), some apps had multiple sub apps that had to be added, and of course it isn't like apps would always just fail to execute, sometimes they'd run fine until you were in them and working, then bomb (audio apps with plugins were notorious for this).
So now my computer is in the default opt in state, meaning only apps that ask for DEP get it. Not as secure, but such is life. Good news is as far as I can tell all my apps that run at any privilege above user DO use DEP so that's nice.