Palo Alto Networks

ActiveX

How To Defend Against Advanced IE Exploitation

In February, Microsoft awarded $100,000 to Yu Yang (@Tombkeeper) for reporting a new mitigation bypass technique as part of Microsoft’s Bounty Program. Yu later demonstrated his research at CanSecWest in March. In his slides, he mentioned that a "god mode" of Internet Explorer could be turned on by a one byte overwrite. However, he had to heavily redact this information due to an agreement between himself and Microsoft....

Jun 06, 2014

Subscribe to Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.