Earlier we reported that Eric Romang had stumbled upon a new exploit while he was checking files on a compromised server. On analysis of the files, Romang found that the vulnerability that was targeted is zero-day that might be present in Internet Explorer7 and 8 and affects Windows XP based systems.
Later it was confirmed by folks at Rapid7 that the exploit has been tested on a Windows 7 based system with Internet Explorer 9 and the exploit was successfully executed. Metasploit framework already has a working module that exploits the zero-day.
Microsoft confirmed to Mashable that they are aware of targeted attacks that might be affecting some version of Internet Explorer. Yunus Wee, Director – Microsoft Trustworthy Computing, said, “We’re aware of targeted attacks potentially affecting some versions of Internet Explorer. We have confirmed that Internet Explorer 10 is not affected by this issue.”
“We recommend customers deploy Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) 3.0, which provides effective protections without affecting the Web browsing experience. We will continue to investigate this issue and take further actions as appropriate”, he added.