diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)


Microsoft Addressing ‘Exploit:Win32/CVE-2010-3962’ Zero-day Exploit In December Patch Tuesday

Microsoft Malware Protection Center has been tracking a recent 0-day vulnerability (Exploit:Win32/CVE-2010-3962) for Internet Explorer. As public exploit code became available and attackers began integrating the code into their toolkits. The attack patterns for this vulnerability have been somewhat unusual.

Exploit:Win32/CVE-2010-3962: 0-day vulnerability

“One explanation might be that the attackers didn’t achieve the success rate that they had hoped. Because, when you combine Windows 7, Vista and Server 20008 with IE8 and above, DEP/ASLR technologies are enabled by default to protect IE. So, perhaps the attackers haven’t been reaching the attack surface they had originally hoped and are starting to move on.”

The following charts shows the number of XP and Windows 2003 systems reporting attack attempts versus Vista and Windows 7:

CVE-2010-3962 attack attempts by target OS

Microsoft’s now addressing this issue in Dec. 14 security release.


Get Latest News

Subscribe to Digital News Hub

Get our daily newsletter about the latest news in the industry.
First Name
Last Name
Email address
Secure and Spam free...