"...DOM-Hanoi is a community-developed utility for verifying browser integrity, written by H D Moore and Aviv Raff.
DOM-Hanoi will look for common DHTML implementation flaws by adding/removing DOM elements, in a similar way to the known Tower of Hanoi game..."

http://metasploit.com/users/hdm/tools/domhanoi/domhanoi.html

"...CSSDIE is a community-developed utility for verifying browser integrity, written by H D Moore, Matt Murphy, Aviv Raff, and Thierry Zoller. CSSDIE will look for common CSS1/CSS2/CSS3 implementation flaws by specifying common bad values for style values..."

http://metasploit.com/users/hdm/tools/see-ess-ess-die/cssdie.html

On Thursday a new generation of the createTextRange exploit was released under Metasploit.

Few hours later, and an article was published on techweb, where AV vendor Fortinet claimed that this exploit is much faster (??) than the older exploits. And, probably after reading my blog post, older exploits caused the browser to freeze.

According to my tests using VirusTotal, Fortinet was the only AV vendor to create a signature for the new generation - JS/CreateTextRange.B!exploit.

Well, that was up until today, when a new revision for the createTextRange was published under Metasploit and Milw0rm.

The new revision demonstrates better AV/IDS evasion techniques, by using random variables/functions names, which apparently are included in the "generic" signatures of the AV and IDS vendors.

And no, this is not an April fool's day prank.

10 days (or less) left for the MS patch.