The WindowsWorkstation.com Forum

A second 0-day vulnerability in IE in just a few days !

Forums General General Discussion Windows Security A second 0-day vulnerability in IE in just a few days !

Viewing 0 reply threads
  • Author
    Posts
    • 10th November 2013 at 11:56 #44735
      hackerman1
      Moderator

        Hi !

        New IE Zero-Day found in Watering Hole Attack
        November 8, 2013

        FireEye Labs has identified a new IE 0day exploit hosted on a breached website based in the US.
        It’s a brand-new IE 0-day that compromises anyone visiting a malicious website;
        classic drive-by download attack.
        The exploit leverages a new information leakage vulnerability and an IE out-of-bounds memory access vulnerability to achieve code execution.

        Exploitation
        This vulnerability affects Windows XP with IE 8 and Windows 7 with IE 9.

        The memory access vulnerability is designed to work on Windows XP with IE 7 and 8, and on Windows 7. The exploit targets the English version of Internet Explorer, but we believe the exploit can be easily changed to leverage other languages.
        Based on our analysis, this vulnerability affects IE 7, 8, 9 and 10.
        This actual attack of this memory access vulnerability can be mitigated by EMET per Microsoft’s feedback.

        http://www.fireeye.com/blog/technical/2013/11/new-ie-zero-day-found-in-watering-hole-attack.html

        Although the text is confusing regarding affected versions, it seems to be a good ideato avoid using IE….

        This is the SECOND 0-day vulnerability in just a few days !

        “Published: Tuesday, November 05, 2013
        Microsoft is investigating private reports of a vulnerability in the Microsoft Graphics component that affects Microsoft Windows, Microsoft Office, and Microsoft Lync.
        Microsoft is aware of targeted attacks that attempt to exploit this vulnerability in Microsoft Office products.

        The vulnerability is a remote code execution vulnerability that exists in the way affected components handle specially crafted TIFF images.”

        EMET:
        “The Enhanced Mitigation Experience Toolkit (EMET) helps mitigate the exploitation of this vulnerability by adding additional protection layers that make the vulnerability harder to exploit.
        EMET 4.0 is officially supported by Microsoft.
        At this time, EMET is only available in the English language.
        For more information, see Microsoft Knowledge Base Article 2458544.”

        “EMET 4.0, in the recommended configuration, is automatically configured to help protect the affected software installed on your system.
        No additional steps are required.”

        viewtopic.php?f=57&t=2559

        I suggest Firefox if you want another browser than IE: http://www.mozilla.org/en-US/firefox/

    • Author
      Posts
    Viewing 0 reply threads
    • You must be logged in to reply to this topic.