Monday, June 25, 2007 8:36 AM cmosby

SANS Internet Storm Center - Exploit against MS07-033 being used in the wild

 

Exploit against MS07-033 being used in the wild

Published: 2007-06-23,
Last Updated: 2007-06-23 15:29:36 UTC
by Kyle Haugsness (Version: 1)

The Symantec folks identified a website exploiting a bug from this months Microsoft patches, specifically the Microsoft Internet Explorer Speech API 4 COM Object Instantiation Buffer Overflow Vulnerability.  Here is the URL to their blog entry:

http://www.symantec.com/enterprise/security_response/weblog/2007/06/deepsight_honeynet_detects_obf.html

Apparently, the actual exploit is similar to the proof of concept code posted on a popular exploit site ten days ago.

Source: SANS Internet Storm Center; Cooperative Network Security Community - Internet Security - isc

Filed under: , , , ,

Comments

No Comments