Internet Explorer CMshtmlEd::Exec() 0day
As discussed    in Twitter couple of hours ago,without any delay, Metasploit team did very well in their part to release the working version of the exploit and port it to their framework. Awesome work guys! Some workarounds are available in MyCERT’s writeup
$ yara -r newIE0daymshtmlExec.yar /tmp/0dayIE/ newIE0daymshtmlExec /tmp/0dayIE//CVE-IE8 0day/2a2e2efffa382663ba10c492f407dda8a686a777858692d073712d1cc9c5f265_Protect.html newIE0daymshtmlExec /tmp/0dayIE//CVE-IE8 0day/9d66323794d493a1deaab66e36d36a820d814ee4dd50d64cddf039c2a06463a5_exploit.html newIE0daymshtmlExec /tmp/0dayIE//Niuya.html newIE0daymshtmlExec /tmp/0dayIE//nJcfzl.html
And.. I’m ready with the detection “rule” and as mention in previous entry, it will only be share with several private group. If you need to get the feeds, kindly drop me an email at adnan.shukor @ G!
Metasploit detection rate: