IE Flaw Exploit In Hacker Kit 'Raises the Stakes'

CWmike writes "Roger Thompson, chief research officer of AVG Technologies, said Sunday that an exploit for the newest IE flaw had been added to the Eleonore crimeware attack kit. 'This raises the stakes considerably, as it means that anyone can buy the kit for a few hundred bucks, and they have a working zero-day,' Thompson said on his company's blog. Microsoft has promised to patch the vulnerability, but last week said the threat didn't warrant an 'out-of-band' update. Microsoft will deliver three security updates Nov. 9, but won't fix the IE bug then."

Re:Bug is really for Windows XP

[hairyfeet]

For those on XP there is an easy way that will probably work to stop this cold. I say probably because I haven't had the time to look for an attack site and play with the code. But on XP you can use the Free Comodo Internet Security or Comodo Av (both free) and under "Defense +" settings choose to run IE always in the sandbox. This will keep IE from doing any real registry or file writing, instead dumping any writes to a virtual registry and file system that is locked off from the OS.

While I agree it is MUCH better to have DEP and ASLR, there are still tons of quite good machines out there that simply don't support those features and are still running XP. For those machines I use Comodo Internet Security and so far I have yet to have a customer or family member running it to come back pwned. Of course I try my damnedest to get them off of IE and onto FF, as we can see with TFA IE is still to big a target.