Latest IE 0-day exploit finds its way into Eleonore toolkit

Microsoft will likely be forced to issue an out-of-band-patch for the zero-day vulnerability affecting Internet Explorer that has been discovered being exploited in the wild less than a week ago.

Since then, the zero-day has been used to infect systems with the Pirpi and Hupigon Trojans, who open a backdoor into the system. But, more importantly, AVG has detected the exploit code in the well-known Eleonore exploit toolkit, so we can expect an increase in the number of attacks.

Until Microsoft comes out with a patch, it would be best for everyone who uses their browser to follow the advice given in the security advisory and implement one of the workarounds listed. It would also be a good idea to install some software that blocks web-based attacks.