Irregular Expressions

Sep 19 2012   8:56PM GMT

CVE-2012-4969 Patch

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

There appears to be a release set for FridaySept 21st for CVE-2012-4969.

If you haven’t seen this, it is a pretty bad one. Here is some additional info;

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4969

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4969

http://technet.microsoft.com/en-us/security/advisory/2757760

The short version of what is going on is there is a vulnerability inside of all current versions of IE that is being exploited to install a trojan. From what I have been seeing so far all of the attacks I have seen use a swf file for delivery. Microsoft did a quick release of some mitigation techniques and it looks like we have a full patch set for Friday.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: