

Ask HN: Anyone figured out the IE 0-day vulnerability? - olalonde

Anyone figured out the IE 0-day vulnerability that was exploited by recent Chinese attacks?

Microsoft security advisory: http://www.microsoft.com/technet/security/advisory/979352.mspx

"The vulnerability exists as an invalid pointer reference within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution."

Does anyone know infected sites?
======
Zev
I don't know much (or anything, really, besides some basic concepts to
avoid writing vulnerable code in my languages of choice) about vulns (0day or
otherwise), however, this doesn't sound like a particularly exciting exploit.
It's just a mistake with pointers, albeit one that had some serious
consequences.

~~~
olalonde
Actually, mistakes with pointers can lead to remote code execution
(<http://en.wikipedia.org/wiki/Buffer_overflows>).

------
tlack
I had heard earlier indications that it was the Javascript in PDF
vulnerability that was partially at fault. That began getting publicized a bit
before the Google newsbomb, so there may be some truth to that.

