InsightaaS: UBM’s Dark Reading is one of the web’s best security information resources, connecting security professionals and information via ten communities that “drill deeper into the enterprise security challenge.” In this post, Editor-in-Chief Tim Wilson provides an overview of the recently-discovered IE zero day vulnerability.
Microsoft has discovered a zero-day vulnerability in most versions of Internet Explorer that already has enabled some attackers to execute code remotely on victim PCs, even without action by the end user. In a security advisory issued over the weekend, Microsoft reported that it “is aware of limited, targeted attacks that attempt to exploit a vulnerability” in IE 6, 7, 8, 9, 10, and 11. The vulnerability, which takes advantage of the way IE accesses an object in memory that has been deleted or has not been properly allocated, makes it possible for attackers to do remote code execution on a targeted machine, the advisory says.
“An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website,” Microsoft says. “An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.”
Remote code execution means that attackers could distribute malware via a drive-by installation, “where simply looking at booby-trapped content such as a Web page or image file can trick IE into launching executable code sent from outside your network,” notes Paul Ducklin, a researcher at security firm Sophos, in a blog posted Sunday. “There won’t be any obvious warning signs, or ‘Danger, Will Robinson’ dialog boxes.”…