Internet Explorer Vulnerability Under Investigation By Microsoft
December 31, 2012

Microsoft Investigates Reports Of Internet Explorer Vulnerability

Michael Harper for — Your Universe Online

Those who use an older version of Microsoft's Internet Explorer (IE) web browser may finally have their excuse to upgrade — or simply switch to another browser altogether. According to a recent Security Advisory, Microsoft is now looking into reports claiming that Internet Explorer versions 6, 7 and 8 are leaving the computers which run them vulnerable to zero-day attacks.

Though they are still investigating these reports, Microsoft has stated that they are only aware of attacks on versions up to IE 8, meaning that IE 9 and IE 10 are supposedly safe from this particular vulnerability.

These zero-day attacks open the computer running the browser to hackers, who run malicious websites and infect any vulnerable visitors who pass through them.

“The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer,” explains Microsoft in the Security Advisory. “An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then persuade a user to view the website.”

Such websites could host the malicious content within ads or other parts of the page. As it stands, a hacker cannot force a person with a vulnerable browser to visit one of these malicious websites. Instead, the hacker must lure victims to these sites using the typical measures: posting links to the sites in emails, instant messages and elsewhere.

According to the blog of web-security firm FireEye, those using an older browser who have an interest in foreign affairs may be more likely to be hit with this vulnerability. Darien Kindlund with FireEye wrote that his firm began receiving reports that the website for the Council on Foreign Relations (CFR) had been compromised and was hosting this malicious content on December 26. Kindlund explains that while he could confirm that the website had been infected on this day, the initial infection took place a few days earlier on December 21.

“We can also confirm that the malicious content hosted on the website does appear to use Adobe Flash to generate a heap spray attack against Internet Explorer version 8.0 (fully patched), which was the source of the zero-day vulnerability,” writes Kindlund. “We have chosen not to release the technical details of this exploit, as Microsoft is still investigating the vulnerability at this time.”

While Microsoft investigates this vulnerability, they recommend a few “workarounds” to prevent users from falling victim to such attacks. First, Microsoft recommends downloading and deploying the Enhanced Mitigation Experience Toolkit (EMET). The company also suggests setting all security settings in IE to “High,” as well as blocking all ActiveX Controls and Active Scripting.

Users are also encouraged to add the sites they trust to Internet Explorer's trusted sites zone, thus allowing these sites to run normally without being hindered by any of the above measures.

For more thorough steps to sidestep such a vulnerability, refer to Microsoft's Security Advisory and click through “Suggested Actions” to “Workarounds.”

An easier way to protect yourself and your computer from this specific vulnerability is to simply upgrade browsers or switch to a new one, such as Chrome or Firefox.