Announcement Announcement Module
Collapse
No announcement yet.
Microsoft Internet Explorer use-after-free Vulnerability Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Microsoft Internet Explorer use-after-free Vulnerability

    Microsoft Internet Explorer use-after-free Vulnerability

    Severity Rating: HIGH

    Systems Affected
    • Windows Server 2003 SP2
    • Windows Server 2003 x64 Edition SP2
    • Windows Vista SP2 and prior
    • Windows Vista x64 Edition SP2 and prior
    • Windows Server 2003 with SP2 for Itanium-based Systems
    • Windows Server 2008 for 32-bit Systems SP2 and prior
    • Windows Server 2008 for x64-based Systems SP2 and prior
    • Windows 7 for 32-bit Systems SP1 and prior
    • Windows 7 for x64-based Systems SP1 and prior
    • Windows Server 2008 for Itanium-based Systems SP1 and prior
    • Windows Server 2008 for Itanium-based Systems SP2
    • Windows Server 2008 R2 for x64-based Systems SP1 and prior
    • Windows Server 2008 R2 for Itanium-based Systems SP1 and prior
    • Windows 8 for 32-bit and 64bit Systems
    • Windows 8.1 for 32-bit and 64-bit Systems
    • Windows Server 2012
    • Windows Server 2012 R2
    • Windows RT
    • Windows RT 8.1

    Component Affected
    • Internet Explorer 6,7,8,9,10,11

    Overview
    A use-after-free vulnerability has been reported in the Microsoft Internet Explorer, which could allow a remote attacker to execute arbitrary code on a targeted system in the context of current user within Internet Explorer.

    Description
    This vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated.
    A remote attacker could exploit this vulnerability by hosting a specially crafted website and then convincing users to view the website. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the targeted system.
    Note: Proof of Concept(POC) for this exploit is publicly available.

    Workaround
    • Configure Enhanced Mitigation Experience Toolkit 4.1/5.0 for IE.
    • Disable flash plug-in in IE.
    • Set Internet and Local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones
    • Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone
    • Enable Enhanced Protected Mode for Internet Explorer 11 and Enable 64-bit Processes for Enhanced Protected Mode.
    • Unregister VGX.DLL.(re-register vgx.dll once update available)
    • Restrict access to VGX.DLL by modifying the ACL.( revert to the previous ACL configuration once update available)
    • Avoid clicking links in email messages.

    Vendor Information
    Microsoft
    https://technet.microsoft.com/en-us/...curity/2963983

    References
    Microsoft
    https://technet.microsoft.com/en-us/...curity/2963983

    Fireeye
    http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targ
    eting-internet-explorer-versions-9-through-11-

    identified-in-targeted- attacks.html

    US-CERT
    http://www.kb.cert.org/vuls/id/222929

    Secunia
    http://secunia.com/advisories/57908

    Symantec
    http://www.symantec.com/connect/blogs/zero-day-internet-vulnerability-let-l
    oose-wild

Working...
X