History

January 19, 2010 NeXpose Release

This Rapid7 NeXpose™ release includes a check for a zero-day Internet Explorer vulnerability.

Check for IE vulnerabilities

  • NeXpose keeps Windows security up to date with a check for multiple Internet Explorer vulnerabilities reported in Microsoft Security Bulletin MS10-002. They include the zero-day vulnerability CVE-2010-0249. If exploited, these vulnerabilities allow a remote attacker to execute arbitrary code on target assets. Vulnerable browser versions include Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7.

Vulnerability checks

  • IE vulns MS10-002, including 0day CVE-2010-0249