인터넷 익스플로러 취약 발표.

블랙햇 DC 2010에서 인터넷 익스플로러를 이용해 사용자의 컴퓨터 파일을
빼내는 것을 발표 되었습니다.

Read the paper : http://www.coresecurity.com/files/attachments/Abusing_insecure_features_of_Internet_Explorer.pdf
View the slide presentation : http://www.coresecurity.com/files/attachments/BHDC2010.pdf
CoreLabs advisory : http://www.coresecurity.com/content/internet-explorer-dynamic-object-tag

이 취약점에 약한 패키지들 입니다.

Internet Explorer 5.01 SP4 on Windows 2000 sp4

Internet Explorer 6sp1 on Windows 2000 sp4

Internet Explorer 6sp2 on Windows XP sp2

Internet Explorer 6sp2 on Windows XP sp3

Internet Explorer 7 on Windows XP sp2

Internet Explorer 7 on Windows XP sp3

Internet Explorer 7 on Windows Vista sp1

Internet Explorer 7 on Windows Vista sp2

Internet Explorer 7 on Windows Server 2003 sp2 if Protected Mode if OFF and not using Enhanced Security Configuration

Internet Explorer 7 on Windows Server 2008 if Protected Mode if OFF and not using Enhanced Security Configuration

Internet Explorer 8 on Windows XP sp2

Internet Explorer 8 on Windows XP sp3

Internet Explorer 8 on Windows Vista sp1 if Protected Mode if OFF

Internet Explorer 8 on Windows Vista sp2 if Protected Mode is OFF

Internet Explorer 8 on Windows 7 if Protected Mode if OFF

Internet Explorer 8 on Windows Server 2003 sp2 if Protected Mode if OFF and not using Enhanced Security Configuration

Internet Explorer 8 on Windows Server 2008 R2 if Protected Mode if OFF and not using Enhanced Security Configuration