NeXpose vulnerability checks updated - IE 0day included-
NeXpose is a unified vulnerability solution that scans networks to identify the devices running on them and to probe these devices for vulnerabilities. It analyzes the scan data and processes it for reports. You can use these reports to help you assess your network security at various levels of detail and remediate any vulnerabilities quickly.
The vulnerability checks in NeXpose identify security weaknesses in all layers of a network computing environment, including operating systems, databases, applications, and files. NeXpose can detect malicious programs and worms, identify areas in your infrastructure that may be at risk for an attack, and verify patch updates and security compliance measures.
This Rapid7 NeXpose(tm) release includes a check for a zero-day Internet Explorer vulnerability.
NeXpose keeps Windows security up to date with a check for multiple Internet Explorer vulnerabilities reported in Microsoft Security Bulletin MS10-002. They include the zero-day vulnerability CVE-2010-0249. If exploited, these vulnerabilities allow a remote attacker to execute arbitrary code on target assets. Vulnerable browser versions include Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7.