Microsoft being pwned.. again..[CVE-​​2013-​​1347]

[proxx]

http://nakedsecurity.sophos.com/2013/05/11/may-patch-tuesday-coming-up-microsoft-still-not-sure-if-latest-0-day-fix-will-make-the-cut/

https://community.rapid7.com/community/metasploit/blog/2013/05/05/department-of-labor-ie-0day-now-available-at-metasploit

CVE-​​2013-​​1347
This exploit for internet explorer 8 is being used in the wild for a while now.
Microsoft isnt sure if they can fix it before patch Thuesday.
It appears to effect everything from windows XP to 2008/win7.

Up to this day there is no offical patch only a 'fix' tool : http://nakedsecurity.sophos.com/2013/05/09/microsoft-rushes-out-cve-2013-1347-fix-it-for-the-latest-internet-explorer-zero-day/

And if course , as always metasploit is already on the boat.
 
If I have some spare time today Ill do A little demo here.

[Zesh]

More like, IE "pwned.. again..". Why the hell is IE still around?

[Kulverstukas]

lol the dumb ones are always getting pwnd. Who in their right mind would use IE anyway...

[proxx]

More like, IE "pwned.. again..". Why the hell is IE still around?

Uhm yeah IE...mircosoft its just one example of their crap code, all the same to me.
Why I dont know but what I do know is that there are still millions of users, especially companies.
The fun part is that they cant go manually patching 5000 machines, until then they just have to pray

[xC]

Internet Explorer 9 is not vulnerable? They do make crap code but push patches quite frequently. Nobody takes the time to actually update though. Nice find.

[vezzy]

In other news, the weather is cold in Siberia.

[3vilp4wn]

What I love most about IE is that they make a OKish browser with IE 9/10 and stuff, and then don't let XP users upgrade.  Not like I care though, I use firefox.

[rasenove]

Microsoft programmers should take flying lessons, and die while doing it.
(IE takes 2-5 minuts to open a facebook page in slow connections... Total joke)