TechLabs has received reports from other security teams regarding the availability of a 0-day exploit targeting Microsoft Internet Explorer 7.
As of this writing, there is not patch available from Microsoft. Users should take note that the recent cumulative fix released by Microsoft (http://www.microsoft.com/technet/security/bulletin/ms08-073.mspx) does not protect them from this exploit.
2.0 Impact
The exploitation requires users to visit a site that contains the exploit code. Successful exploitation allows remote code execution by the attacker.
3.0 Affected Products and Platforms
IE7 on Windows Internet Explorer 7 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008
4.0 Mitigation
As currently there is no fix available from Microsoft, users are encouraged to apply mitigation techniques proposed by in [1] if they wish to use IE7. Users may also consider using alternative browsers such as Mozilla Firefox or Opera while waiting for the problem to be resolved.
In addition, system administrator may block traffic from the internal network going to known
IE7 exploit sites that are published by ShadowServer Foundation in [2].
5.0 References
* Microsoft Security Advisory on IE 7 Vulnerability
http://www.microsoft.com/technet/security/advisory/961051.mspx
* IE 7 Exploit Sites -
http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20081210
* SANS Handlers Diary - http://isc.sans.org/diary.html?storyid=5458
* Trend Micro Blog -
http://blog.trendmicro.com/zero-day-ie-flaw-being-actively-exploited/
* Symantec Blog -
https://forums.symantec.com/syment/blog/article?blog.id=vulnerabilities_exploits&thread.id=180
6.0 Suggestion
For those who're using IE 7, adviseable to stop and use firefox, google chrome. Download HERE
