MSHTML.DLL Versions

The recent Metasploit module for MS13–059 requires a specific version of Internet Explorer to work. The version of mshtml.dll must be 9.0.8112.16446. Here are some update rollups and hotfixes I have tried and what version of mshtml.dll I got with them. This might be useful to someone looking for a particular release.

To get this particular version, here are the packages I installed:

  • Windows 7 Gold
  • Windows 7 Service Pack 1
  • Internet Explorer 9
  • Cumulative Security Update for Internet Explorer (2530548) IE9-Windows6.1-KB2530548-x64.msu (this brought it up to 9.0.8112.16430)
  • Cumulative Security Update for Internet Explorer (KB2586448) (this brought it up to 9.0.8112.16437 – getting close)
  • Cumulative Security Update for Internet Explorer (2618444) IE9-Windows6.1-KB2618444-x64.msu (this brought it up to 9.0.8112.16440)
  • Cumulative Security Update for Internet Explorer (2744842) – IE9-Windows6.1-KB2744842-x64.msu (this brought it up to 9.0.8112.16450 – oops)
  • Cumulative Security Update for Internet Explorer (2647516) – IE9-Windows6.1-KB2647516-x64.msu (this brought it up to 9.0.8112.16441)
  • Cumulative Security Update for Internet Explorer (2846071) – IE9-Windows6.1-KB2846071-x64.msu (this brought it up to 9.0.8112.16496 – oops)
  • Cumulative Security Update for Internet Explorer (2699988) – IE9-Windows6.1-KB2699988-x64.msu which gives 9.0.8112.16446 – victory!
Posted in Security and tagged , , , , . Bookmark the permalink. RSS feed for this post. Leave a trackback.

2 Responses to MSHTML.DLL Versions

  1. clew says:

    Thank you for the mshtml.dll version list Guillaume, it was very helpful for getting to the correct patch level. Were you able to get code execution from the module at all? I have tried the module against IE 9 running on both 32-bit and 64-bit versions of Windows 7 SP1 and I’m only getting crashes. Any tips or hints would be greatly appreciated.

    • Guillaume says:

      I have not tried it in 32 bit yet but I have had the same issues with the 64 bit version. The land page for the module mentions this:

      Install IE9 on win7 sp1
      Install KB2846071 to ensure a vulnerable mshtml version
      Install jre6

      It doesn’t say if it’s tested in 32 or 64, but I have not had much luck with this in 64.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Swedish Greys - a WordPress theme from Nordic Themepark.