[<prev] [next>] [day] [month] [year] [list]
Message-ID: <4d1d4f51001220828v30f6a444rf116f13221d4d994@mail.gmail.com>
Date: Fri, 22 Jan 2010 11:28:05 -0500
From: James Birk <jamesbirk@...il.com>
To: "noreply-secresearch@...tinet.com" <noreply-secresearch@...tinet.com>
Cc: full-disclosure <full-disclosure@...ts.grok.org.uk>,
bugtraq <bugtraq@...urityfocus.com>
Subject: Re: FortiGuard Advisory: Microsoft Internet
Explorer Remote Memory Corruption Vulnerability
Good to see nothing's changed with Bugtraq in fifteen years. Anyone want to
point me to a security list where ads like the one below are not allowed?
2010/1/21 noreply-secresearch@...tinet.com <noreply-secresearch@...tinet.com
>
> Microsoft Internet Explorer Remote Memory Corruption Vulnerability
> 2010.January.21
>
> Summary:
> ========
> Fortinet's FortiGuard Labs has discovered a memory corruption vulnerability
> in Microsoft's Internet Explorer.
>
> Impact:
> =======
> Remote Code Execution.
>
> Risk:
> =====
> Critical
>
> Affected Software:
> ==================
> For a list of Internet Explorer versions affected, please see the Microsoft
> Security Advisory reference below.
>
> Additional Information:
> =======================
> In order to compromise a system / remotely execute code, an attacker would
> lure a user to a maliciously crafted website. When a user views the Web
> page, the vulnerability could allow remote code execution. An attacker who
> successfully exploited this vulnerability could gain the same user rights as
> the logged-on user. If a user is logged on with administrative user rights,
> an attacker who successfully exploited this vulnerability could take
> complete control of an affected system.
>
> Solutions:
> ==========
> Since an attack scenario would require a user to visit a malicious website,
> it is recommended to have a layered security solution through webfiltering
> and intrusion prevention for mitigation.
>
> * Use the solution provided by Microsoft (MS10-002).
> * FortiGuard Labs released the signature
> "MS.IE.MergeAttributes.Remote.Code.Execution".
> o Advanced zero-day protection has been available since September
> 3, 2009.
>
> FortiGuard Labs continues to monitor attacks against this vulnerability.
>
> Fortinet customers who subscribe to Fortinet's intrusion prevention (IPS)
> service should be protected against this vulnerability. Fortinet's IPS
> service is one component of FortiGuard Subscription Services, which also
> offer comprehensive solutions such as antivirus, Web content filtering and
> antispam capabilities. These services enable protection against threats on
> both application and network layers. FortiGuard Services are continuously
> updated by FortiGuard Labs, which enables Fortinet to deliver a combination
> of multi-layered security intelligence and true zero-day protection from new
> and emerging threats. These updates are delivered to all FortiGate,
> FortiMail and FortiClient products. Fortinet strictly follows responsible
> disclosure guidelines to ensure optimum protection during a threat's
> lifecycle.
>
> References:
> ===========
> FortiGuard Advisory: http://www.fortiguard.com/advisory/FGA-2010-05.html
> Microsoft Security Bulletin:
> http://www.microsoft.com/technet/security/bulletin/ms10-002.mspx
> CVE ID: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0247
>
> Acknowledgement:
> ================
> Haifei Li of Fortinet's FortiGuard Labs
>
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists