Threat Level: green Handler on Duty: Russ McRee

SANS ISC: "FixIt" Patch for CVE-2012-4792 Bypassed - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
"FixIt" Patch for CVE-2012-4792 Bypassed

On the 1 Jan 2013, Johannes posted a diary on a Microsoft FixIt made available for IE as a way of mitigating the CVE-2012-4792 zero day attack. Researchers at Exodus Intelligence reported today they have developed a new attack that bypasses the FixIt issued by Microsoft. They were able to bypass and compromised a fully-patched system using some variation of the exploit published this week.

You might want to take a second look at the diary published this week that is using EMET 3.5 as another tool to help defend your Windows systems against various attacks.

[1] https://isc.sans.edu/diary.html?storyid=14788
[2] http://blog.exodusintel.com/2013/01/04/bypassing-microsofts-internet-explorer-0day-fix-it-patch-for-cve-2012-4792/
[3] https://isc.sans.edu/diary.html?storyid=14797

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

Guy

427 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!