You'd think releasing v12.5 of Impact, Introducing the concept of an Identity Manager and the Assisted Start Guide and then shipping that to all our customers would be enough for the month of September. However, this is when the advantage of having a dedicated Exploit Writing Team and a separate and dedicated Impact Development Team is really felt by our customers. Despite the extensive efforts to finalize and QA v12.5 of Impact we were still able to continue to release critical exploits to our customer base. We released an entire new version of Impact, including hundreds of updates, at the same time we also released 14 updates for our customers to ensure they can continue with their security testing.

Updates for September 2012 (excluding maintenance updates) Remote Code Execution HP OpenView Performance Agent coda.exe Opcode 0x34 Buffer Overflow Exploit HP OpenView Performance Agent coda.exe Opcode 0x8C Buffer Overflow Exploit Client Side Cisco Linksys PlayerPT ActiveX Control Buffer Overflow Exploit Update Cisco Linksys PlayerPT ActiveX Control Buffer Overflow Exploit Update Internet Explorer Same ID Property Remote Code Execution Exploit Microsoft Internet Explorer Exec Function Use After Free Exploit Microsoft Internet Explorer Fixed Table Col Span Exploit (MS12-037) Microsoft Word MSCOMCTL TabStrip Control Use-after-free Exploit(MS12-060) Privilege Escalation Symantec LiveUpdate Administrator Local Privilege Escalation Exploit And our maintenance updates included an update to our AV evasion capabilities.