On March 9, Microsoft started investigating reports of targeted attacks using a previously undisclosed vulnerability (CVE-2010-0806) affecting Internet Explorer 6 and 7 (Internet Explorer 8, Windows 7, and Windows Server 2008 R2 are not susceptible). As a member of the Microsoft Active Protections Program (MAPP), the MMPC and other members received information about the vulnerability and immediately deployed protection for our customers. We’ve been tracking exploit attempts against this vulnerability since then, working with MSRC to monitor the state of attacks.
When proof-of-concept code became available in public exploit testing tools on March 10 and by March 12, the attack landscape escalated. Mitigating signatures providing protection for this issue are:
Exploit:JS/CVE-2010-0806 and
Exploit:JS/Mult.CR. These signatures protect customers through Microsoft Security Essentials, Microsoft Forefront Client Security, Windows Live OneCare, the Forefront Threat Management Gateway, and the Windows Live Safety Platform.
