Author Topic: Protection against the IE 0-day exploit "Aurora"?  (Read 4072 times)

0 Members and 1 Guest are viewing this topic.

WhiteZero

  • Guest
Protection against the IE 0-day exploit "Aurora"?
« on: January 16, 2010, 06:08:53 PM »
I don't use IE myself, but a lot of my friends and family do.
I wonder if Avast's Web Shield can protect against the "Aurora" IE exploit?
http://praetorianprefect.com/archives/2010/01/the-aurora-ie-exploit-in-action/

Offline Marc57

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1944
  • KISS Rules The World!!!
    • KISS Army
Re: Protection against the IE 0-day exploit "Aurora"?
« Reply #1 on: January 17, 2010, 04:35:56 AM »
I would like to know this also.
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!

WhiteZero

  • Guest
Re: Protection against the IE 0-day exploit "Aurora"?
« Reply #2 on: January 18, 2010, 03:08:53 AM »
This is a pretty heavy issue and I think we need an answer on it.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Protection against the IE 0-day exploit "Aurora"?
« Reply #3 on: January 18, 2010, 04:02:54 AM »
Since this is script based, e.g. using the HTML script tag, that should get scanned by the web shield and to date the web shield has been extremely good at this kind of obfuscated script detection.

That however is not official as I'm just an avast user like yourselves.

Personally I would be giving IE a wide berth (certainly until any 0-day exploit was resolved) and using firefox and NoScript as my default browser.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Gopher John

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2098
Re: Protection against the IE 0-day exploit "Aurora"?
« Reply #4 on: January 18, 2010, 07:48:41 PM »
Since this is script based, e.g. using the HTML script tag, that should get scanned by the web shield and to date the web shield has been extremely good at this kind of obfuscated script detection.

That however is not official as I'm just an avast user like yourselves.

Personally I would be giving IE a wide berth (certainly until any 0-day exploit was resolved) and using firefox and NoScript as my default browser.

I'm also using Firefox with NoScript.  For IE8 on WinXp Pro SP3, I set Internet Security to High, and verified that hardware DEP was enabled for IE8(is default setting) per http://www.microsoft.com/technet/security/advisory/979352.mspx
AMD A6-5350M APU with Radeon HD Graphics, 8.0GB RAM, Win7 Pro SP1 64bit, IE11
i7-3610QM 2.3GHZ, 8.0GB Ram,  Nvidia GeForce GT 630M 2GB, Win7 Pro SP1 64bit, IE 11
Common to both: Avast Premium Security 19.7.2388, WinPatrol Plus, SpywareBlaster 5.5, Opera 12.18, Firefox 68.0.2, MBam Free, CCleaner