http://pandalabs.pandasecurity.com/archive/tags/Patch/default.aspxTags: PatchenCommunityServer 2.1 SP2 (Build: 61120.2)http://pandalabs.pandasecurity.com/archive/MS09_2D00_002-Exploit-in-the-wild.aspxThu, 19 Feb 2009 03:34:00 GMTb262f9bf-63e5-46e5-8a14-4069a6997bc7:967Sean-Paul Correll0http://pandalabs.pandasecurity.com/comments/967.aspxhttp://pandalabs.pandasecurity.com/commentrss.aspx?PostID=967<p>Last Tuesday Microsoft released a Security Bulletin (<a href="http://www.microsoft.com/technet/security/bulletin/MS09-002.mspx">MS09-002</a>) for critical vulnerabilities which affected its Internet Explorer browser. The vulnerability exists because of improper error handling when accessing deleted objects and allows remote code execution through a specially crafted website.</p> <p><img alt="Exploit Code" height="394" src="http://support.us.pandasecurity.com/blog/MS09-Exploit.jpg" width="696" /></p> <p>This week a few websites in China started to actively exploit this vulnerability and the malware (jc.exe &amp; wininet.dll) is detected as Spyware/Virtumonde. The websites involved in this example have been blocked by Panda&rsquo;s Identity Protect Technology, which will block Panda&#39;s users before reaching the exploit sites.</p> <p>&nbsp;&nbsp; We recommend applying Microsoft&#39;s <a href="http://www.microsoft.com/technet/security/bulletin/MS09-002.mspx">patch</a> immediately.</p><img src="http://pandalabs.pandasecurity.com/aggbug.aspx?PostID=967" width="1" height="1">ExploitMicrosoftPatch