14 DAY TRIAL // Less than a week after Microsoft released the MS12-037 security bulletin, which fixes a number of critical vulnerabilities in Internet Explorer, an exploit code has been made available for the CVE-2012-1875 remote code execution flaw.
Microsoft warned customers that an exploit would probably become available in the next 30 days, but as usual, it doesn’t take much time for such popular attack codes to become available.
Right after the security update was made available, McAfee and AlienVault reported having identified ongoing attacks that leveraged the vulnerability.
The exploit for the security hole has been also added to Metasploit and Contagio has even made available a video demonstration.
This means that users who haven’t already applied the updates are advised to immediately install them to avoid falling victims to cybercriminal operations.
Also, this is not the only vulnerability that affects Internet Explorer. There’s another critical flaw in Microsoft XML Core Services that hasn’t been patched yet, but for which the Redmond company released a temporary fix.