Threat Level: green Handler on Duty: Daniel Wesemann

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

"FixIt" Patch for CVE-2012-4792 Bypassed

Published: 2013-01-04
Last Updated: 2013-01-04 23:36:34 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

On the 1 Jan 2013, Johannes posted a diary on a Microsoft FixIt made available for IE as a way of mitigating the CVE-2012-4792 zero day attack. Researchers at Exodus Intelligence reported today they have developed a new attack that bypasses the FixIt issued by Microsoft. They were able to bypass and compromised a fully-patched system using some variation of the exploit published this week.

You might want to take a second look at the diary published this week that is using EMET 3.5 as another tool to help defend your Windows systems against various attacks.

[1] https://isc.sans.edu/diary.html?storyid=14788
[2] http://blog.exodusintel.com/2013/01/04/bypassing-microsofts-internet-explorer-0day-fix-it-patch-for-cve-2012-4792/
[3] https://isc.sans.edu/diary.html?storyid=14797

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

0 comment(s)
Diary Archives