New Metasploit 0-day exploit for IE 7, 8 & 9 on Windows XP, Vista, and 7

We have some Metasploit freshness for you today: A new zero-day exploit for Internet Explorer 7, 8, and 9 on Windows XP, Vista and 7. Computers can get compromised simply by visiting a malicious website, which gives the attacker the same privileges as the current user. Since Microsoft has not released a patch for this vulnerability yet, Internet users are strongly advised to switch to other browsers, such as Chrome or Firefox, until a security update becomes available.

 

The exploit had already been used by malicious attackers in the wild before it was published in Metasploit. The associated vulnerability puts about 41% of Internet users in North America and 32% world-wide at risk (source: StatCounter). We have added the zero-day exploit module to Metasploit to give the security community a way to test if their systems are vulnerable and to develop counter-measures.

 

Here's the back story: Some of you may remember that a couple of weeks ago, the Metasploit exploit team released a blog regarding a new Java exploit (CVE-2012-4681), with a blog entry titled "Let's Start the Week with a New Java 0day in Metasploit". You'd think the 0-day attack from the same malicious group might cool down a little after that incident... well, you'd be wrong. Because last weekend, our fellow researcher and Metasploit contributor Eric Romang just spotted another 0-day, possibly from the same group, exploiting a Microsoft Internet Explorer use-after-free vulnerability.

 

The Metasploit team has had the pleasure to work with Mr. Romang and @binjo together, and pretty soon we had a working exploit. You may download Metasploit here, and apply the latest update to pick up the exploit.

 

The following screenshot demonstrates a successful attack against a Windows 7 machine with Internet Explorer 9 installed:

 

Screen shot 2012-09-17 at 7.59.19 AM.png

 

This one is against Internet Explorer 8 installed:

 

Screen shot 2012-09-16 at 5.32.08 PM.png

 

Here's another example exploiting a fully-patched Windows XP SP3 box:

 

screenshot.png

 

The exploit also works against Windows Vista, but I think you guys get the point now.

 

To try out this module, get your free Metasploit download now, or update your existing installation. In the meantime, we will keep this blog updated when more progress has been made.

Published by:

CWZ's picture

Name
Reza Rafati

Information
I am the founder of Cyberwarzone.com and I focus on sharing and collecting relevant cyberconflict news., The goal of Cyberwarzone is to provide the world a portal with global cyberwar information. The effort in getting this cyberwarfare information is hard. But as the internet is growing we need to get an global cyberwar & cybercrime monitoring system., By the people and for the people. We will be gathering information about Cybercrime, Cyberwarfare and hacking. LinkedIn: http://www.linkedin.com/pub/reza-rafati-%E2%99%82/1a/98b/197

Country
The Netherlands

My website
Cyberwarzone.com

Twitter:
http://twitter.com/#!/cyberwarzonecom