Similar Searches

  • Exploit Shield Protects Against New IE7 Vulnerability (March 12, 2009)

    As Sean predicted a week ago, we now have exploit code in-the-wild for MS09-002, a vulnerability in Internet Explorer 7. The exploit downloads a file named jc.exe from a server in China.Exploit:W32/JSShell.A is our

  • Exploit Shield – F-Secure’s Solution to Zero-Day Exploits (January 8, 2009)

    Our previous post highlighted a recently disclosed vulnerability which exists in Microsoft Internet Explorer… and that there are currently websites hosting exploits targeting the vulnerability. Today our Vulnerability Response team would like to offer you our Security

  • Exploit Shield 0.60 Beta (March 9, 2009)

    A new version (0.60) of our F-Secure Exploit Shield Beta is now available. Our first public beta was released two months ago.You may also remember that Microsoft patched MS08-078 around the same time. Multiple

  • Exploit Shield FTW (December 16, 2009)

    Microsoft published a Security Advisory on Monday for a vulnerability in Internet Explorer 6 and IE7 that could allow for remote code execution. IE8 is not affected.Currently, there are no reports of this vulnerability being

  • Exploit Shield vs DirectShow (June 26, 2009)

    We posted a link to Microsoft Advisory 971778 / CVE-2009-1537 last week.The advisory details a vulnerability in Microsoft's DirectShow, quartz.dll, affecting QuickTime parsing. (Not a QuickTime vulnerability.) Microsoft has reported some use of an

Related News

  • Exploit Shield Protects Against New IE7 Vulnerability (March 12, 2009)

    As Sean predicted a week ago, we now have exploit code in-the-wild for MS09-002, a vulnerability in Internet Explorer 7. The exploit downloads a file named jc.exe from a server in China.Exploit:W32/JSShell.A is our

  • Exploit Shield – F-Secure’s Solution to Zero-Day Exploits (January 8, 2009)

    Our previous post highlighted a recently disclosed vulnerability which exists in Microsoft Internet Explorer… and that there are currently websites hosting exploits targeting the vulnerability. Today our Vulnerability Response team would like to offer you our Security

  • Exploit Shield 0.60 Beta (March 9, 2009)

    A new version (0.60) of our F-Secure Exploit Shield Beta is now available. Our first public beta was released two months ago.You may also remember that Microsoft patched MS08-078 around the same time. Multiple

  • Exploit Shield FTW (December 16, 2009)

    Microsoft published a Security Advisory on Monday for a vulnerability in Internet Explorer 6 and IE7 that could allow for remote code execution. IE8 is not affected.Currently, there are no reports of this vulnerability being

  • Exploit Shield vs DirectShow (June 26, 2009)

    We posted a link to Microsoft Advisory 971778 / CVE-2009-1537 last week.The advisory details a vulnerability in Microsoft's DirectShow, quartz.dll, affecting QuickTime parsing. (Not a QuickTime vulnerability.) Microsoft has reported some use of an

Latest News

Beta test spammers target forum users

Malicious Search Suggestions with Google Instant

0-day for Adobe Reader 9.3.4

Return of the Unpublished Adobe Vulnerability

Adobe PDF Zero-Day Exploit Discovered in the Wild

F-Secure’s Exploit Shield Blocks the “Aurora” Exploit

Microsoft recently announced a new vulnerability in certain versions of its Internet Explorer web browser. If exploited, the vulnerability (CVE 2010-0249) can allow remote code execution.

Announcement of this vulnerability follows on the heels of last week’s targeted zero-day attacks against a number of companies.

Since we are talking about a targeted attack, many companies and organizations have contacted us asking about solutions for attacks like this. We’re happy to report that F-Secure Internet Security blocked this exploit proactively. This is made possible by the Exploit Shield element in our Browsing Protection feature.

So far we’ve only seen a handful of samples that exploit this vulnerability. To protect users with older versions of our products and to add gateway detection, we have added specific detection for the known samples as well. We detect the exploit code as Exploit:JS/Agent.MZF, while the payload is detected as Exploit:JS/Comele.A.

Below is a quick video showing the Exploit Shield feature in action. It isn’t narrated, but the whole thing is pretty straightforward.

Not all antivirus solutions are equal. Our Exploit Shield was able to block “Operation Aurora” attacks before they were made.

On 18/01/10 At 05:52 AM

  • Exploit Shield Protects Against New IE7 Vulnerability (March 12, 2009)

    As Sean predicted a week ago, we now have exploit code in-the-wild for MS09-002, a vulnerability in Internet Explorer 7. The exploit downloads a file named jc.exe from a server in China.Exploit:W32/JSShell.A is our

  • Exploit Shield – F-Secure’s Solution to Zero-Day Exploits (January 8, 2009)

    Our previous post highlighted a recently disclosed vulnerability which exists in Microsoft Internet Explorer… and that there are currently websites hosting exploits targeting the vulnerability. Today our Vulnerability Response team would like to offer you our Security

  • Exploit Shield 0.60 Beta (March 9, 2009)

    A new version (0.60) of our F-Secure Exploit Shield Beta is now available. Our first public beta was released two months ago.You may also remember that Microsoft patched MS08-078 around the same time. Multiple

  • Exploit Shield FTW (December 16, 2009)

    Microsoft published a Security Advisory on Monday for a vulnerability in Internet Explorer 6 and IE7 that could allow for remote code execution. IE8 is not affected.Currently, there are no reports of this vulnerability being

  • Exploit Shield vs DirectShow (June 26, 2009)

    We posted a link to Microsoft Advisory 971778 / CVE-2009-1537 last week.The advisory details a vulnerability in Microsoft's DirectShow, quartz.dll, affecting QuickTime parsing. (Not a QuickTime vulnerability.) Microsoft has reported some use of an

Write a Comment

Copyright © 2010 The Security Blog. All rights reserved.