Heh, when I am sick – it’s time to hunt…
Temperature: 37.8 C
Local Time: 23:00
Test machine: fully updated (pdf, flash, java up to 7.u17)
Live Exploit Kits in list: 5
What we testing:
How dangerous can be surfing for those who follow best practices – at least performing updates.
All behavior among tested Exploit Kits, can be described as:
– If plugin-detect present, than system realize that no vulnerable plugins detected, and
– no exploit served at all [Safe End]
– last available Java exploit served. [Fail]
– If plugin-detect not present, than all available exploits execute and fail.
* Sometimes LibTiff exploit crash the PDF plugin, once Java cause error message appears…
Bottom line – if machine is up to date – well, leave it, there are plenty of easy targets around.
Except for Cool Exploit Kit. Let me show You some fun stuff there…