which already has some discussion. If you're interested in how the vulnerability actually works, there's a Haml reduction of what may be the core cause (a DOM object lifecycle bug) posted on that thread.
I'm also not sure it's been established that this code is what got the attackers into Google, although it appears to have gotten them Adobe.
You mean like it basically says right in the beginning of the post? ;)
"Earlier today this entry from yesterday at Wepawet (an online analysis engine for malware) was pointed out to H.D. Moore, and within hours Metasploit has an exploit of the vulnerability integrated. McAfee has confirmed that the exploit is out and the same one they saw during the investigation"
Source: http://praetorianprefect.com/archives/2010/01/the-aurora-ie-...
On your second item, here's what McAfee has stated:
"Computer code that exploits the yet-to-be-patched Internet Explorer vulnerability used in Operation Aurora to attack Google and others in December has now been published on the Internet."
Source: http://siblog.mcafee.com/cto/%E2%80%9Caurora%E2%80%9D-exploi...
http://blog.metasploit.com/2010/01/reproducing-aurora-ie-exp...
posted earlier as:
http://news.ycombinator.com/item?id=1055986
which already has some discussion. If you're interested in how the vulnerability actually works, there's a Haml reduction of what may be the core cause (a DOM object lifecycle bug) posted on that thread.
I'm also not sure it's been established that this code is what got the attackers into Google, although it appears to have gotten them Adobe.