From TFA:
The PoC makes use of the following vulnerability and therefore for testing the
PoC the patch must not be installed.
MS12-063 Microsoft Internet Explorer execCommand Use-After-Free Vulnerability
This vulnerability is identified as CVE-2012-4969.
So it's already preventable. (Yes, yes, patching is a bitch, doesn't happen, etc etc.)
And also, it's already detected:
Please note that Windows Defender detects the Win8 PoC as being an exploit and
blocks execution.
Yes, it's an interesting PoC, but it's not exactly taking my breath away overall.
Slashdot Mirror
From TFA: The PoC makes use of the following vulnerability and therefore for testing the PoC the patch must not be installed. MS12-063 Microsoft Internet Explorer execCommand Use-After-Free Vulnerability This vulnerability is identified as CVE-2012-4969. So it's already preventable. (Yes, yes, patching is a bitch, doesn't happen, etc etc.) And also, it's already detected: Please note that Windows Defender detects the Win8 PoC as being an exploit and blocks execution. Yes, it's an interesting PoC, but it's not exactly taking my breath away overall.