[ISN] Unpatched DLL bugs let hackers exploit Windows 7 and IE9, says researcher

From: InfoSec News <alerts_at_private>
Date: Mon, 9 May 2011 03:06:10 -0500 (CDT)

By Gregg Keizer
May 6, 2011

Although Microsoft has patched multiple DLL load hijacking 
vulnerabilities since last summer, Windows and Internet Explorer 9 (IE9) 
can still be exploited, a security company warned today.

Microsoft confirmed that it's investigating the claims by Slovenia-based 
Acros Security.

Researchers from Acros will demonstrate the new attacks at the Hack in 
the Box security conference in Amsterdam later this month.

"We'll reveal how IE8 and IE9 can be used on Windows 7, Vista and XP for 
attacking users without any security warnings, even in 'Protected mode,' 
and how to remotely make many seemingly-safe applications, for example, 
Word 2010 and PowerPoint 2010, vulnerable," said Acros CEO Mitja Kolsek 
in a Friday email.

The attack class, called "DLL load hijacking" by some but dubbed "binary 
planting" by Acros, jumped into public view last August when HD Moore, 
the creator of the Metasploit penetration testing toolkit and chief 
security officer at Rapid7, found dozens of vulnerable Windows 
applications. Moore's report was followed by others, including several 
from Kolsek and Acros.


Received on Mon May 09 2011 - 01:06:10 PDT
