Wednesday, September 19, 2012

ie_execcommand_uaf xp only?

With the release of the latest Internet Explorer 0day exploit, I was eager to get an environment up to test it out.

I decided to test out two environments.

1)  Windows 7 fully patched with the latest Java version and IE9

2)  Windows XP SP3 fully patched without Java and IE8

My testing proved unsuccessful against the configuration (1) above.  I was very successful in crashing IE 9, but was not able to exploit it at all.  I would have to do some more analysis with this, but a quick google search reveals that I am not alone in this finding.  I think that scope of this 0day might have been exaggerated a bit.  I did not spend a ton of time on this, but I did try of couple of different configurations.

Configuration (2) above, however, did not fair so well.  IE8 still seems to be in use at about 20% of all browsers (and probably 90% of all corporate browsers).  I think given those facts, this is still a pretty important 0day.