Xanda's Blog !~! » vista http://blog.xanda.org Human Knowledge Belongs To The World. Tue, 13 Jul 2010 10:10:58 +0000 http://wordpress.org/?v=abc en hourly 1 CVE-2010-0249 – Aurora IE 0day Exploit :: DEP bypassed http://blog.xanda.org/2010/01/19/cve-2010-0249-aurora-ie-0day-exploit-dep-bypassed/ http://blog.xanda.org/2010/01/19/cve-2010-0249-aurora-ie-0day-exploit-dep-bypassed/#comments Tue, 19 Jan 2010 12:21:06 +0000 xanda http://blog.xanda.org/?p=1038 :: Quick update ::

Today, I’ve been working on a video on the Aurora IE 0day exploit PoC that really mimics the original Aurora’s exploit on Google.

However, the original exploit gonna fail if you enable DEP on the machine.

A few minutes back, someone ping and inform me on the new PoC that gonna bypass the DEP. If true, enabling DEP wont protect IE users anymore ;)

But you are still safe if you disable Active Script / JavaScript support for your IE

Here is how you can disable the Active Shit/JavaShit Active Script / JavaScript support in your IE: Advisory

]]> http://blog.xanda.org/2010/01/19/cve-2010-0249-aurora-ie-0day-exploit-dep-bypassed/feed/ 0