CVE-2010-0249 – Aurora IE 0day Exploit :: DEP bypassed
Posted: January 19th, 2010 | Author: xanda | Filed under: IT Related | Tags: 0day, aurora, CVE-2010-0249, DEP, exploit, IE, internet explorer, vista, windows, windows 7, xp | No Comments »:: Quick update ::
Today, I’ve been working on a video on the Aurora IE 0day exploit PoC that really mimics the original Aurora’s exploit on Google.
However, the original exploit gonna fail if you enable DEP on the machine.
A few minutes back, someone ping and inform me on the new PoC that gonna bypass the DEP. If true, enabling DEP wont protect IE users anymore 😉
But you are still safe if you disable Active Script / JavaScript support for your IE
Here is how you can disable the Active Shit/JavaShit Active Script / JavaScript support in your IE: Advisory