IE Vulnerability Update #Japan #Metasploit

Microsoft’s Security Advisory (2887505), regarding a vulnerability in Internet Explorer, was issued just over two weeks ago. We added exploit detection soon thereafter. At the time, Microsoft reported that exploitation of the vulnerability was in limited use.

Microsoft Security Advisory for CVE-2013-3893

Since then, evidence of attacks on Japanese targets via media sites has surfaced.

And in the last week, our customer upstream data indicates limited use within Taiwan.

Most importantly, there is now Metasploit support for CVE-2013-3893. So it’s only a matter of time before it’s added to popular exploit kits such as Blackhole. If not this week, then almost certainly a day or two after Microsoft releases its patch next Tuesday.

We recommend avoiding IE (if possible) until it’s updated. If you manage a network, Microsoft has a Fix it tool available.

On 02/10/13 At 12:28 PM

Read more: IE Vulnerability Update #Japan #Metasploit

Story added 2. October 2013, content source with full text you can find at link above.