Report of POC code bypasses Data Execution Prevention

Microsoft released an update to Advisory 979352, in relation to reports of proof of concept (POC) code that “bypasses Data Execution Prevention (DEP) and additional information on exploitability, mitigations and workarounds for, Microsoft products that use mshtml.dll.” “Based on our comprehensive monitoring, we continue to see only limited attacks, still target Internet Explorer 6 - […]

Microsoft released an update to Advisory 979352, in relation to reports of proof of concept (POC) code that “bypasses Data Execution Prevention (DEP) and additional information on exploitability, mitigations and workarounds for, Microsoft products that use mshtml.dll.” “Based on our comprehensive monitoring, we continue to see only limited attacks, still target Internet Explorer 6 - this’s also confirmed by the attack samples our Microsoft Active Protections Program (MAPP) partners have sent in. Elevation of Privilege (EoP) vulnerability in Windows kernel, affecting all currently supported versions of 32-bit / 64-bit Windows, including Windows Server 2008 R2, are not affected. While we’ve not seen real-world attacks for any other platform.” Here’s the current state-of-the-art on each platform:

More info: MSRC blog