Internet Explorer iepeers.dll severe vulnerability - IE 6 ..

Here you can find everything you need to know about Dll-Files. You can also share your knowledge regarding the topic.

Moderators: DllAdmin, DLLADMIN ONLY

Post Reply
meb
Posts: 116
Joined: 04 Oct 2009, 23:00

Internet Explorer iepeers.dll severe vulnerability - IE 6 &

Post by meb »

Not exactly a new vulnerability, yet should be noted and dealt with.

Yet another exploit being used in the wild affecting iepeers.dll and
its object handling/re-usage.

http://secunia.com/advisories/38860

http://blogs.technet.com/msrc/archive/2 ... eased.aspx

http://www.us-cert.gov/cas/bulletins/SB10-074.html
{also note the Excel vulnerabilities}

Microsoft Security Advisory (981374)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
Published: March 09, 2010 - Updated: March 12, 2010
http://www.microsoft.com/technet/securi ... 81374.mspx

Note the:
Suggested Actions
Workarounds

Be aware of how its being used and that it is being used, and make
efforts to control its usage.


--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---

meb
Posts: 116
Joined: 04 Oct 2009, 23:00

Re: Internet Explorer iepeers.dll severe vulnerability - IE

Post by meb »

On 03/15/2010 04:45 PM, Hot-text wrote:
> I see that blogs.technet.com say to get a:::: enabling a firewall,
> getting software updates, and installing antivirus software!
>

There is also the warnings to disable Active content and check your
Zone settings [High and further restrictions], restrict site access on a
per site basis, with other suggestions per OS involved.

>
>
> "MEB" <MEB-not-here@hotmail.com> wrote in message
> news:eMDnHVHxKHA.4552@TK2MSFTNGP04.phx.gbl...
>>
>> Not exactly a new vulnerability, yet should be noted and dealt with.
>>
>> Yet another exploit being used in the wild affecting iepeers.dll and
>> its object handling/re-usage.
>>
>> http://secunia.com/advisories/38860
>>
>> http://blogs.technet.com/msrc/archive/2 ... eased.aspx
>>
>>
>> http://www.us-cert.gov/cas/bulletins/SB10-074.html
>> {also note the Excel vulnerabilities}
>>
>> Microsoft Security Advisory (981374)
>> Vulnerability in Internet Explorer Could Allow Remote Code Execution
>> Published: March 09, 2010 - Updated: March 12, 2010
>> http://www.microsoft.com/technet/securi ... 81374.mspx
>>
>> Note the:
>> Suggested Actions
>> Workarounds
>>
>> Be aware of how its being used and that it is being used, and make
>> efforts to control its usage.
>>
>>
>> --
>> MEB
--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---

meb
Posts: 116
Joined: 04 Oct 2009, 23:00

Re: Internet Explorer iepeers.dll severe vulnerability - IE

Post by meb »

On 03/15/2010 11:50 PM, 98 Guy wrote:
> MEB wrote:
>
>> Not exactly a new vulnerability, yet should be noted and dealt with.
>
> How do you define new?
>
> This one is only a week old.
>
> Here's a not-bad technical explanation:
>
> http://pandalabs.pandasecurity.com/demo ... nerability
>
> I've seen no evidence or comments anywhere indicating that the exploit
> functions properly on win-98.
>
> And I keep saying that only morons are still using IE6 as their primary
> browser.
>
> If you run Firefox 2.0.0.20 on win-98 systems, and use that add-on that
> I mentioned in a previous post to change your user-agent to make it look
> like you're running FF 3.x on a win-XP system, then no malicious website
> will be able to send you correct exploit code.


Well, you are an excellent example of a moron...

Are you that stupid,,, uh yes you are. YOU think changing your browser
indicator protects you from exploits... STTTTTUUUUUUPPPPPIIIIIDDDDDD
IIIIDDDDDIIIOOOTTT...

The systems are probed for exploits NOT based upon the browser
indicator but upon available OS, specific browser vulnerabilities, and
other discovered,, go back to your rock...

As for FF2 it was left with the XSS exploit and several others, dorkie
doodooo, but you know that, as WE discussed it WITH the mozilla forum
specific discussions...

--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---

meb
Posts: 116
Joined: 04 Oct 2009, 23:00

Re: Internet Explorer iepeers.dll severe vulnerability - IE

Post by meb »

On 03/16/2010 06:52 PM, Sunny wrote:
> "MEB" <MEB-not-here@hotmail.com> wrote in message
> news:%23RlSAWSxKHA.1692@TK2MSFTNGP04.phx.gbl...
>> You really haven't got a clue about anything do you...
>> MEB
>
>
>


And now we have the normal from one of our most "loved" trolls, Sunny.

So Sunny, what words of wisdom do you have for the world, tell us oh
wise one?

--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---

Post Reply