Xanda's Blog !~!

CVE-2010-0249 – Aurora IE 0day Exploit :: DEP bypassed

Jan
19

:: Quick update ::

Today, I’ve been working on a video on the Aurora IE 0day exploit PoC that really mimics the original Aurora’s exploit on Google.

However, the original exploit gonna fail if you enable DEP on the machine.

A few minutes back, someone ping and inform me on the new PoC that gonna bypass the DEP. If true, enabling DEP wont protect IE users anymore 😉

But you are still safe if you disable Active Script / JavaScript support for your IE

Here is how you can disable the Active Shit/JavaShit Active Script / JavaScript support in your IE: Advisory

Microsoft Windows XP SP3

May
05

April 29, 2008, Microsoft has publicly release the security update for Windows XP known as Microsoft Windows XP SP3. You can download it [here].


Windows XP SP3 running on VM

For those who are around Melaka, KL and Pahang who want to get a copy of Microsoft Windows XP SP3 bundled in a fresh installation of Windows XP, you can come and see me and don’t forget to bring an empty CD.

I’ve generate a new Windows XP ISO integrated SP3 using nLite, and for those who interested to do it by yourself, you can refer to xanda – /dev/project, follow the step, but dont forget to download and import your service pack