Greeting's

This thread is in connection with my thread about new 0-day in IE (http://www.antionline.com/showthread...hreadid=276559). It is advised to read that thread first to understand the vulnerability in IE.

I found 2 software "Killbit apps" which are workaround's for the current IE explot.


To make life a little easier, I put together two small apps to set and unset the appropriate "kill bit" to block the actions of the current IE exploit. They can be found here:

http://handlers.sans.org/tliston/DAX...CX_KillBit.exe - Standard Windows executable
(MD5: 599a2e48602f63a5330eea8259216584)

http://handlers.sans.org/tliston/DAX...illBit_cmd.exe - Command line version
(MD5: 571a19cf51f713b81545ebd6a007d792)

The command line version, when run without any parameters, will set the "kill bit". When run with any parameter (i.e. something like "/r"), will remove the "kill bit."

The standard Windows executable, when run, will tell you the current status of the kill bit and offer you the option of changing it.
Remember to check the checksum (MD5) after downloading..

THANKS TO EVERY HANDLER AT ISC for making life easier.