It's bad enough that they leave the front door wide open See: Video of IE Exploit (createTextRang) using the latest Metasploit code.
Then Microsoft has to wait until patch Tuesday to release a fix for the latest IE issue. "Fine", say the brave and intrepid. Just like the WMF hole, well patched by Ilfak Guilfanov, now eEye and Determina have released their own patches for the MS Internet Explorer (createTextRang) vulnerability. See: Security Watch: Zero-Day Attack Advances Unpatched.
Is there a new industry on the horizon? Perhaps not a pay-per-use model, given the short life cycle before Patch Tuesday, but perhaps corporate sponsorships from those who seek glory in the face of the evil empire. Seems unlike Microsoft to create a market they can't corner, but who knows.
Subscribe to:
Posts (Atom)
Moving blog to HolisticInfoSec.io
toolsmith and HolisticInfoSec have moved. I've decided to consolidate all content on one platform, namely an R markdown blogdown sit...
-
Continuing where we left off in The HELK vs APTSimulator - Part 1 , I will focus our attention on additional, useful HELK features to ...
-
As you weigh how best to improve your organization's digital forensics and incident response (DFIR) capabilities heading into 2017, cons...
-
Ladies and gentlemen, for our main attraction, I give you...The HELK vs APTSimulator, in a Death Battle! The late, great Randy "Macho...