IE Zero-Day Exploit

B

Bill Sanderson

Here's what the KB article says, in part:
------------------------------------------------------------
The Msdds.dll COM object could cause Microsoft Internet Explorer to
unexpectedly quit. We are investigating a public report of a vulnerability
that affects Internet Explorer. We are not aware of any attack where a
malicious user has tried to use the reported vulnerability. We are not aware
of any customer affect at this point.
------------------------------------------------------------
Note the last two sentences, in particular.

This vulnerability is in a specific DLL file which is not part of a normal
Windows install.

The file in question is MSDDS.DLL. If you do not have this file on your
system you are not vulnerable.

Please read the advisory--second reference. In the workarounds section, the
third workaround is fairly easy to accomplish and should have no possible
adverse effects.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

How to test MDS (Zombieload) patch status on Windows systems 1
Microsoft WMF vulnerability advisory revised 15
New Zero Day IE vulnerability 0
OT Another Internet Explorer 0day 1
Time to disable thumbnail viewing in XP and Windows Server 8
Patch Time Folks 10
[ O T ] Microsoft Security Bulletin Advance Notification for March 2010 1
Unpatched Microsoft XML Core Services flaw increasingly targeted inattacks 1

Top