|
BSST (Broadweb Security Service Team) has released a
signature in pattern 3.41:
#1052276_EXPLOIT IE CreateTextRange overflow
attempt
This signature is made to defend against the newly
discovered critical vulnerability in Microsoft IE. When MS IE
employs the createTextRange() DHTML method, IE fails to
correctly handle the method and can allow a remote,
unauthenticated attacker to execute arbitrary code.
Moreover, It has been confirmed that a fully patched
Microsoft XP SP2 with IE 6.0/ IE 7.0 Beta 2 Preview is
affected by this vulnerability. Official patch from Microsoft
is still not available yet as of March 27, 2006.
NetKeeper users are advised to upgrade their signature
patterns to version pattern 3.41 in order to thwart exploits
based on this vulnerability
Reference:
Broadweb Security Service Team (BSST) - Empower Your
Network Security Broadweb NetKeeper Intruder Prevention System
delivers the protection against intrusion, worms, DDOS,
Instant messaging, P2P, Web-Mail, and Web
Post. | 