Zero-day Internet Explorer VML exploit demonstrated
Last Tuesday, I warned you of two
zero-day vulnerabilities that were plaguing Internet Explorer (IE). Over
the past week, the severity of the IE VML vulnerability has escalated
significantly due to the public release of new exploit code. The workaround
mentioned last week, disabling Javascript, is no longer effective
against threats discovered over the weekend. In WatchGuard's first ever vlog
(video log) post, I
demonstrate how one of the VML IE vulnerabilities can be exploited -- and how
you can fix it. -- Corey
Nachreiner, CISSP
(If video doesn't play, double-click on the video window)
