NeXpose Release January 19, 2010

Document created by techeditor on Apr 7, 2011Last modified by techeditor on Nov 1, 2011
Version 2Show Document
  • View in full screen mode

This Rapid7 NeXpose™ release includes a check for a zero-day Internet Explorer vulnerability.


Check for IE vulnerabilities

  • NeXpose keeps Windows security up to date with a check for multiple Internet Explorer vulnerabilities reported in Microsoft Security Bulletin MS10-002. They include the zero-day vulnerability CVE-2010-0249. If exploited, these vulnerabilities allow a remote attacker to execute arbitrary code on target assets. Vulnerable browser versions include Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7.


Vulnerability checks


  • IE vulns MS10-002, including 0day CVE-2010-0249