Zero-day exploit hits Internet Explorer

by admin December 10, 2008 at 9:20 pm

One flaw not addressed in yesterday’s Patch Tuesday is a heap overflow within the XML parser reported on Wednesday by Bojan Zdrnja of the SANS Internet Storm Center.

The exploit in the wild on Wednesday creates an XML tag, then waits 6 seconds in an attempt to thwart antivirus engines. The exploit could then crash the browser and run malicious code when the browser is restarted. The user must be running Windows XP or Windows Server 2003, and using Internet Explorer 7.

Zdrnja writes that “at this point in time, it does not appear to be wildly used, but as the code is publicly available, we can expect that this will happen very soon.”

Read more: