Precisely saying: The Microsoft Internet Explorer vulnerability leveraged in this attack allows for remote code execution, but does require user intervention (such as following a hyperlink to a website, or opening an email attachment, etc). Furthermore, the single exploit known to exist can be thwarted by Data Execution Prevention (DEP), enabled by default in Internet Explorer 8 and optionally in Internet Explorer 7. Microsoft lists the following combinations to be vulnerable: Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6, Internet Explorer 7 and Internet Explorer 8 on supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are affected.
Source: http://www.avertlabs.com/research/blog/index.php/2010/01/14/more-details-on- operation-aurora/ -----Original Message----- From: Yash Kadakia [mailto:[email protected]] Sent: 16 January 2010 20:28 To: [email protected]; [email protected]; [email protected] Subject: Re: [Owasp-Mumbai] Google may wrap up business from China Just an FYI: It is only exploitable on IE 6. IE 7 & 8 have DEP protection which prevents exploitation (as per HD's twitter posts). Regards - Yash Yash Kadakia Office: +91-022-23612909 Office: +1-347-99-ITSEC (+1-347-994-8732) Mobile: +91-9833375290 Blog: http://www.yashkadakia.com/ Sent on my BlackBerryR from Vodafone -----Original Message----- From: "Soi, Dhruv" <[email protected]> Date: Sat, 16 Jan 2010 20:25:27 To: <[email protected]>; <[email protected]> Subject: Re: [Owasp-Mumbai] Google may wrap up business from China _______________________________________________ OWASP-Mumbai mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-mumbai _______________________________________________ Owasp-delhi mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-delhi
