Author Topic: Zero-day Internet Explorer Flaw--Anything for Avast to Check?  (Read 2980 times)

0 Members and 1 Guest are viewing this topic.

Offline starchase

  • Newbie
  • *
  • Posts: 2
Zero-day Internet Explorer Flaw--Anything for Avast to Check?
« on: December 19, 2008, 02:50:55 PM »
Concerning the IE flaw recently in the news, visiting certain web sites can cause malware to be installed on unsuspecting users machines.

Is there any malware involved in this exploit that Avast can scan for?  I'm careful about where I surf and what I download, but other users on my machine may not be so careful, or aware that this problem exists with IE.  I did patch the machine yesterday, but if Avast has any detection abilities for any of the malware that might be involved in this exploit I'd like to be sure my machine is not infected.

Thanks.

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11798
    • AVAST Software
Re: Zero-day Internet Explorer Flaw--Anything for Avast to Check?
« Reply #1 on: December 19, 2008, 04:24:38 PM »
A detection for the exploit itself was added quite soon after it became known - so I'd say you should be protected for quite some time already.
Regarding the particular malware being distributed through the exploit - it's hard to say; there are quite a lot of infected sites, the number is growing, and the distributed malware keeps changing.

Offline BrBrasil

  • Jr. Member
  • **
  • Posts: 71
Re: Zero-day Internet Explorer Flaw--Anything for Avast to Check?
« Reply #2 on: December 19, 2008, 04:32:53 PM »
Anyway, if the exploit is detected by avast, then the malware related to it will not get into your machine, right?

Thanks for your time,

BrBrasil

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33200
  • malware fighter
Re: Zero-day Internet Explorer Flaw--Anything for Avast to Check?
« Reply #3 on: December 19, 2008, 04:34:10 PM »
Hi starchase,

The best advice here, patch that vulnerability in Internet Explorer as soon as you can, else there are new ways to infect your browser e.g. from an insiduous Word document, while you are browsing Fx or Flock and think you are not vulnerable secretely in the background your IE browser is infected through opening the malicious Word document, I used Open Office for the period of the work-arounds at least,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline starchase

  • Newbie
  • *
  • Posts: 2
Re: Zero-day Internet Explorer Flaw--Anything for Avast to Check?
« Reply #4 on: December 19, 2008, 05:45:28 PM »
Greetings All:

As I wrote in the original post, I patched my machine the evening the patch was released by Microsoft.  If during the intervening hours my spouse was on the net and came across unknowingly any of the evil web sites that exploit this flaw, I wanted to know if Avast would be able to detect any of the bugs that are involved.  Maybe not, but certainly Avast would be able to tell users, but I don't see anything on their web site.

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 85163
  • No support PMs thanks
Re: Zero-day Internet Explorer Flaw--Anything for Avast to Check?
« Reply #5 on: December 19, 2008, 06:50:02 PM »
Well I believe you have your answer in the first reply by one of the Alwil team, Igor.

Quote
A detection for the exploit itself was added quite soon after it became known

So it depends on how soon is quite soon, but you would also have to bump into a site that had been hacked to exploit the vulnerability in IE, so I feel the likelihood of being hit would have been relatively low.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.5.2470 (build 21.5.6354.675) UI 1.0.646/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security