IE & WordPad Zero Day In-The-Wild
IE XML Parsing Remote Buffer OverFlow Exploit [Read Shadowserver Diary]
As many of you have seen, there is a new 0-day exploit in the wild affecting Internet Explorer 7 users. This is a new exploit that is being actively exploited and it was not patched yesterday (meaning there is no patch available, yet). Visiting a website with this exploit can result in a full compromise of an affected system. Currently most of the exploits out there will attempt to download a trojan onto the system.
Recommendation: Do NOT use IE until patch.
Microsoft Security Advisory (960906): Vulnerability in WordPad Text Converter Could Allow Remote Code Execution
Recommendation: Do not use WordPad to open files with .doc, .wri, or .rtf extensions that you receive from untrusted sources or receive unexpectedly from trusted sources. This vulnerability could be exploited when using WordPad to open a specially crafted file. We also recommend customers using Windows XP to upgrade to Windows XP Service Pack 3, which is not affected.
Affected Systems: Microsoft Windows 2000 Service Pack 4; Windows XP Service Pack 2 Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 ;Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 ; Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems ; Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2