Thursday, May 30, 2013

MS13-034 [CVE- 2013-1347]

http://blogs.technet.com/b/msrc/archive/2013/05/03/microsoft-releases-security-advisory-2847140.aspx

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1347

 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly allocated or is deleted, as exploited in the wild in May 2013.

한국의 대부분 사용자들이 IE를 사용하는데 IE 취약점이라 위험성이 크고
이를 이용해 정보유출을 시도하는 케이스들이 발견되고 있으니
반드시 패치를 하시길!



Obfuscated javascript


Decoded javascript























MS IE 8 Vulnerability

Wednesday, May 29, 2013