Update: After we reported our bypasses to Microsoft, they released the MS13-008 bulletin to patch CVE-2012-4792 officially.
After posting our analysis of the current 0day in Internet Explorer which was used in a “watering hole” style attack hosted on the Council for Foreign Relations website, we decided to take a look at the Fix It patch made available by Microsoft to address the vulnerability. After less than a day of reverse engineering, we found that we were able to bypass the fix and compromise a fully-patched system with a variation of the exploit we developed earlier this week.
We have included details on the bypass to customers of our intelligence feeds and will notify Microsoft of the issue. In practice with coordinated vulnerability disclosure, we intend to update this post with details when Microsoft has addressed the problematic patch.
For more information, keep an eye on this post or contact us to inquire about our offerings.
Pingback: VU#154201: Microsoft Internet Explorer CButton use-after-free vulnerability | Varanoid.comVaranoid.com
Pingback: DD Tech Solutions - Researchers bypass Microsoft’s temporary fix for IE6, IE7, and IE8 vulnerability; patch still MIA
Great work!
Pingback: 安全公司表示:已发现绕过IE6-8某修复补丁的方法
Pingback: 国外安全公司:已发现绕过IE6-8某修复补丁的方法 - 游侠安全网
Pingback: 安全公司表示:已发现绕过IE6-8某修复补丁的方法_警告! - Z的新闻
Pingback: Una empresa de seguridad descubre en 24 horas la solución al exploit de Internet Explorer
Pingback: Una empresa de seguridad descubre en 24 horas la solución al exploit de Internet Explorer Where Is My Software
Pingback: oday, patch i omijanie patcha | Zaufana Trzecia Strona
Pingback: Neuer Exploit für Lücke im Internet Explorer | Edv-Sicherheitskonzepte.de – News Blog aus vielen Bereichen
Pingback: It Marks the End of 2012 « Y.C's Blog
Pingback: Hackers find another zero-day hole in Internet Explorer « Breaking News « Theory Report
Pingback: Ein neuer Exploit für die Internet Explorer-Lücke | Klaus Ahrens: News, Tipps, Tricks und Fotos
Pingback: Security News #0×30 « CyberOperations
Pingback: Sicherheitsforscher hebeln Fix-it-Tool für Zero-Day-Lücke in Internet Explorer aus
Pingback: Internet Explorer: Bedrohung durch Zero-Day-Lücke hält ansilicon.de
Pingback: Faille Internet Explorer : le patch temporaire est déjà contourné | ALL TRAINING – centre de formation -sur mesure à Bruxelles Lille Anvers Amsterdam Corfu
Pingback: Faille Internet Explorer : le patch temporaire est déjà contourné Montserrat Agence de Communication
Pingback: Código burla ‘remendo’ da Microsoft para falha no Internet Explorer 8 – Globo.com | fontes ss
Pingback: ste williams » Security bods rip off Microsoft’s ‘sticking plaster’ IE bug fix
Pingback: Código burla ‘remendo’ da Microsoft para falha no Internet Explorer 8 – Globo.com | suporte-robot-posters.net.tf
Pingback: Security bods rip off Microsoft’s ‘sticking plaster’ IE bug fix | Gens News
Pingback: Security bods rip off Microsoft’s ‘sticking plaster’ IE bug fix | Technophile
Pingback: Someone has bypassed Microsoft’s Fix It for the IE 8 zero-day vulnerability already | LIVE HACKING
Pingback: January 2013 Patch Tuesday: Patches, but none for the IE 0day! | BeyondTrust
Pingback: Microsoft Black Tuesday: Updates Correct .NET and MSXML Flaws | WatchGuard Security Center
Pingback: Security experts stress urgency of patching Windows XML flaw | EZSPK
Pingback: Microsoft released seven comprehensive security bulletins | My Blog
Pingback: Microsoft publicará siete boletines de seguridad, sin corregir el 0day de Internet Explorer : Ibeamaka
Pingback: IT Secure Site » Blog Archive » January 2013 Patch Tuesday
Pingback: Bug festif du premier janvier… et conséquences d’un abus de Fix-It - CNIS mag
Pingback: SafeTI Blog – Windows: Update da Microsoft conserta falha grave no sistema
Pingback: Microsoft repariert ältere IE-Versionen außerhalb des Patch-Day - ComputerBase
Pingback: Get Latest News Around The World