Announcement Announcement Module
Collapse
No announcement yet.
Internet Explorer use-after-free Zero-Day Vulnerability used in Targeted Attacks Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Internet Explorer use-after-free Zero-Day Vulnerability used in Targeted Attacks

    Microsoft Internet Explorer use-after-free Zero-Day Vulnerability used in Targeted Attacks

    Severity Rating: HIGH
    Component Affected
    • Internet Explorer 6,7,8,9,10,11
    Systems Affected
    • Windows Server 2003 SP2
    • Windows Server 2003 x64 Edition SP2
    • Windows Vista SP2 and prior
    • Windows Vista x64 Edition SP2 and prior
    • Windows Server 2003 with SP2 for Itanium-based Systems\
    • Windows Server 2008 for 32-bit Systems SP2 and prior
    • Windows Server 2008 for x64-based Systems SP2 and prior
    • Windows 7 for 32-bit Systems SP1 and prior
    • Windows 7 for x64-based Systems SP1 and prior
    • Windows Server 2008 for Itanium-based Systems SP1 and prior
    • Windows Server 2008 for Itanium-based Systems SP2
    • Windows Server 2008 R2 for x64-based Systems SP1 and prior
    • Windows Server 2008 R2 for Itanium-based Systems SP1 and prior
    • Windows 8 for 32-bit and 64bit Systems
    • Windows 8.1 for 32-bit and 64-bit Systems
    • Windows Server 2012
    • Windows Server 2012 R2
    • Windows RT
    • Windows RT 8.1

    Overview
    It has been reported that a new Internet Explorer (IE) zero-day vulnerability is being used in "limited, targeted attacks" .
    The vulnerability affects IE6 through IE11, but the attack is targeting IE9 through IE11. This zero-day bypasses both ASLR(Address Space Layout Randomization) and DEP(Data Execution Prevention),the features in Operating Systems to prevent malicious code execution . CERT-In has published a Vulnerability Note in this regard(CIVN-2014-0078) . It has also reported that the vulnerability is currently being exploited by a group of hackers targeting financial and defense organizations in some countries. As far as Indian users are concerned, it is advised to avoid the usage of Internet explorer and may consider using an alternate browser till the patch is available from Microsoft.

    Description
    This vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated.
    A remote attacker could exploit this vulnerability by hosting a specially crafted website and then convincing users to view the website. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the targeted system.

    Vendor Information
    Microsoft
    https://technet.microsoft.com/en-us/...curity/2963983

    References
    Microsoft
    https://technet.microsoft.com/en-us/...curity/2963983

    Fireeye
    http://www.fireeye.com/blog/uncatego...d-attacks.html

    US-CERT
    http://www.kb.cert.org/vuls/id/222929

    Secunia
    http://secunia.com/advisories/57908

    Symantec
    http://www.symantec.com/connect/blog...let-loose-wild
Working...
X