Version 3.5.2 of the Metasploit Framework is live! This release fixes a security issue where unprivileged users on Windows were able to write files in the framework installation directory, allowing privilege escalation. For details, see the 3.5.2 release blog post. In addition to fixing this vulnerability, 3.5.2 includes a revamped WMAP courtesy of Efrain Torres, improvements to Meterpreter's railgun extension thanks to chao-mu, and a fledgling version of Post Exploitation modules (a more powerful replacement for Meterpreter scripts). The full release notes for the framework can be found online.
It can be downloaded from: