Wednesday, December 17, 2008

Internet Explorer XML 0-day and MS-SQL vulnerabilities

Two new critical MS vulnerabilities released in early January the IE flaw (buffer overflow in the XML parser) is particularly nasty. This is a client side bug which can be triggered by clicking a malicious link from anywhere including emails...

This bug is rated "Extremely Critical", easiest workaround is to use Firefox for browsing until patched.

http://www.microsoft.com/technet/security/advisory/961051.mspx
http://secunia.com/advisories/33089/

The MS-SQL white has potential currently only allows privilege escalation and no remote code execution.

http://www.sec-consult.com/files/20081209_mssql-sp_replwritetovarbin_memwrite.txt

Sentinel IPS has signatures to protect against both.

Expoit Code Release for IE XML vuln:
http://www.milw0rm.com/exploits/7410
http://www.milw0rm.com/exploits/7477
http://www.milw0rm.com/exploits/7403

As always patch, patch, patch!

No comments: