Touchup

wchen-r7 · wchen-r7 · commit 2a7d4ed963a7 · 2014-11-28T10:12:05.000-06:00
diff --git a/modules/exploits/windows/browser/ms14_064_ole_code_execution.rb b/modules/exploits/windows/browser/ms14_064_ole_code_execution.rb
@@ -1,7 +1,9 @@
 ##
+# This module requires Metasploit: http://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 
+
 require 'msf/core'
 require 'msf/core/exploit/powershell'
 
@@ -12,7 +14,6 @@ class Metasploit4 < Msf::Exploit::Remote
   include Msf::Exploit::Remote::BrowserAutopwn
   include Msf::Exploit::Powershell
 
-
   autopwn_info({
     :ua_name    => HttpClients::IE,
     :ua_minver  => "3.0",
@@ -24,20 +25,22 @@ class Metasploit4 < Msf::Exploit::Remote
 
   def initialize(info={})
     super(update_info(info,
-      'Name'           => "Windows OLE Automation Array Remote Code Execution",
+      'Name'           => "Microsoft Internet Explorer Windows OLE Automation Array Remote Code Execution",
       'Description'    => %q{
         This module exploits Windows OLE Automation Array Vulnerability known as CVE-2014-6332.
-        The vulnerability exists in Internet Explorer 3.0 until version 11 within Windows95 up to Windows 10.
+        The vulnerability affects Internet Explorer 3.0 until version 11 within Windows95 up to Windows 10.
+        Powershell is required on the target machine. On Internet Explorer versions using Protected Mode,
+        the user has to manually allow powershell.exe to execute in order to be compromised.
       },
       'License'        => MSF_LICENSE,
       'Author'         =>
         [
-          'Robert Freeman of IBM X-Force',
-          'yuange <twitter.com/yuange75>',
-          'Rik van Duijn <twitter.com/rikvduijn>',
-          'Wesley Neelen <security[at]forsec.nl>',
-          'GradiusX <francescomifsud@gmail.com>',
-          'b33f @FuzzySec',
+          'Robert Freeman', # IBM X-Force
+          'yuange', # twitter.com/yuange75
+          'Rik van Duijn', # twitter.com/rikvduijn
+          'Wesley Neelen', # security[at]forsec.nl
+          'GradiusX <francescomifsud[at]gmail.com>',
+          'b33f', # @FuzzySec
         ],
       'References'     =>
         [
@@ -54,7 +57,7 @@ def initialize(info={})
         [
           [ 'Windows x86', { 'Arch' => ARCH_X86 } ],
         ],
-      'BrowserRequirements' => 
+      'BrowserRequirements' =>
         {
           :source  => /script|headers/i,
           :ua_name => HttpClients::IE,
