Just a couple of hours after the reportedly 0-day VML exploit there were also reports that this has been implemented by the Web-Attacker as described on this post.
Then, earlier this morning a Web-Attacker exploit penetration statistics website has been reported by an external source. The url points to a statistics page that contains the Total hosts infected by Web-Attacker kit. The website even has a breakdown of each infection based on the browser exploit, the host operating system (OS), and the internet browser used by the affected system. The internet browser statistics section was even broken down into specific version or service packs.
But, this particular site does not show the statistics for 0-day infected systems but rather by the not-so-old browser exploits. So, given that url, I played with it a little with the help of my friend, Google, and there I got 49 urls all pointing to different Web-Attacker control panels. I tried every url one after another and there I saw a convincingly updated exploit penetration statistics page that includes a column of data on 0-day infected hosts.
Since, we recently have two (2) browser related 0-day vulnerabilities, the 0-Day column shown above may or may not be for the VML vulnerability alone.
Now, you know who are the most likely to be hit by the recent 0-days.
I have also listed below the rest of the Internet Browsers that are being monitored/affected by the Web-Attacker. I am suppose to capture it as well as an image but I dare not to, it’s pretty long as you will see.:(
- Firefox 0.10 13
- Firefox 0.10.1
- Firefox 0.10.1
- Firefox 0.8
- Firefox 0.8 (ax)
- Firefox 0.9
- Firefox 0.9.1
- Firefox 0.9.2
- Firefox 0.9.2 (ax)
- Firefox 0.9.3
- Firefox 0.9.5.1
- Firefox 1.0 392
- Firefox 1.0 (Debian package 1.0+dfsg.1-6)
- Firefox 1.0 (Ubuntu package 1.0.2)
- Firefox 1.0 (ax)
- Firefox 1.0 Red Hat/1.0-12.EL4
- Firefox 1.0+
- Firefox 1.0.1
- Firefox 1.0.1 (ax)
- Firefox 1.0.1 StumbleUpon/1.9993
- Firefox 1.0.2
- Firefox 1.0.2 (MOOX M3)
- Firefox 1.0.2 (ax)
- Firefox 1.0.3
- Firefox 1.0.3 (Debian package 1.0.3-2)
- Firefox 1.0.3 (ax)
- Firefox 1.0.3 StumbleUpon/1.9995
- Firefox 1.0.4
- Firefox 1.0.4 (Debian package 1.0.4-2)
- Firefox 1.0.4 (Debian package 1.0.4-2sarge4)
- Firefox 1.0.4 (ax)
- Firefox 1.0.4 (ax) Firefox/1.5.0.2
- Firefox 1.0.4 StumbleUpon/1.9995
- Firefox 1.0.5
- Firefox 1.0.5 (ax)
- Firefox 1.0.6
- Firefox 1.0.6 (ax)
- Firefox 1.0.6 SUSE/1.0.6-4.1
- Firefox 1.0.7
- Firefox 1.0.7 (CK-IBM)
- Firefox 1.0.7 (Debian package 1.x.1.0.7-8)
- Firefox 1.0.7 (Ubuntu package 1.0.7)
- Firefox 1.0.7 (ax)
- Firefox 1.0.7 Firefox/1.5
- Firefox 1.0.7 NLD/1.0.7-0.2
- Firefox 1.0.7 SUSE/1.0.7-0.1
- Firefox 1.0.7 SUSE/1.0.7-0.2
- Firefox 1.0.7 StumbleUpon/1.9993
- Firefox 1.0.8
- Firefox 1.0.8 (Ubuntu package 1.0.8)
- Firefox 1.0.8 SUSE/1.0.8-0.2
- Firefox 1.0RC2
- Firefox 1.4 16
- Firefox 1.4.1
- Firefox 1.5 133
- Firefox 1.5.0.1
- Firefox 1.5.0.1 pango-text
- Firefox 1.5.0.2
- Firefox 1.5.0.2 pango-text
- Firefox 1.5.0.3
- Firefox 1.5.0.3 (Debian-1.5.dfsg+1.5.0.3-2)
- Firefox 1.5.0.3 Creative ZENcast v1.00.12
- Firefox 1.5.0.3 RTSE/1.0.6
- Firefox 1.5.0.4
- Firefox 1.5.0.4 (Debian-1.5.dfsg+1.5.0.4-1)
- Firefox 1.5.0.4 Creative ZENcast v1.00.12
- Firefox 1.5.0.4 Flock/0.7.1
- Firefox 1.5.0.4 RTSE/1.0.6
- Firefox 1.5.0.4 pango-text
- Firefox 1.5.0.6
- Firefox 1.5.0.7
- Firefox 2.0a1 8
- Firefox 2.0b1 3
- Firefox 3.0a1 2
- MSIE 5.0
- MSIE 5.0 SP2
- MSIE 5.01
- MSIE 5.01 SP1
- MSIE 5.01 SP2
- MSIE 5.01 SP3
- MSIE 5.01 SP4
- MSIE 5.5
- MSIE 5.5 SP1
- MSIE 5.5 SP2
- MSIE 5.5 SP4
- MSIE 6.0
- MSIE 6.0 SP1
- MSIE 6.0 SP1a
- MSIE 6.0 SP2
- MSIE 6.0 SP4
- MSIE unknown
- MSIE unknown SP2
- Netscape
- Opera
- Unknown