Matsuda Posted November 9, 2013 Share Posted November 9, 2013 (edited) Researchers at network security company Fireeye have identified a zero-day exploit of Internet Explorer on a breached web site.The specific exploit targets the English versions of Internet Explorer 7 and 8 on Windows XP and IE8 on Windows 7. FireEye says their analysis indicates that the vulnerability behind it affects IE 7, 8, 9 and 10.FireEye does not say if IE10 on Windows 8 is affected or if they examined IE11.There are two vulnerabilities involved in the attack: the first is an information disclosure vulnerability which the exploit uses to retrieve the timestamp from the PE headers of msvcrt.dll (part of the Microsoft Visual C++ runtime). The second is an IE out-of-bounds memory access vulnerability, used to achieve code execution.Many versions of msvcrt.dll are in distribution, so the exploit sends the timestamp back to the attacker's server, which returns an out-of-bounds exploit specific to the user's version.The exploit contains a "ROP chain" according to FireEye. ROP is Return-Oriented Programming, a technique generally blocked by Address Space Layout Randomization (ASLR), introduced in Windows Vista (a version of Windows unmentioned by FireEye). That the exploit works on Windows XP is no surprise, but for it to work on Windows 7 is more unusual.The report doesn't say much about the payload, other than that it is large and multi-stage.FireEye is in working with Microsoft on researching the attack. The report says that the vulnerability can be mitigated using Microsoft's Enhanced Mitigation Experience Toolkit (EMET) 4.0, presumably focusing on msvcrt.dll. Be careful, as you will likely have multiple copies of multiple versions of this DLL on your system.View: Original Article Edited November 9, 2013 by Matsuda Link to comment Share on other sites More sharing options...
sirri Posted November 9, 2013 Share Posted November 9, 2013 cool indeed.. :lol:According to NSS Labs, Microsoft's Internet Explorer continues to provide the best combination of malware and phishing protection. The security company also found that the application reputation technology used in Internet Explorer and Google's Chrome offer a "significantly safer" browsing experience compared to Apple's Safari or Mozilla's Firefox. NSS Labs conducted six browser malware protection tests, all dated between 2009 and 2013, and found that Internet Explorer significantly outperformed the competition in all of those tests. The security company explains that only very recently has Chrome become a "viable option" in terms of significant malware protection. On top of that, it appears that Apple's Safari browser scored the worst.Of course, you cant always blame the internet browser for social engineering attacks. NSS Labs firmly believes that user education is the best defense against these kinds of threats. Link to comment Share on other sites More sharing options...
SPECTRUM Posted November 10, 2013 Share Posted November 10, 2013 (edited) cool indeed.. :lol:phishing/malware != exploit vulnerability :rolleyes: -_-phishing/malware == user fault ;) ^_^ Edited November 11, 2013 by SPECTRUM Link to comment Share on other sites More sharing options...
Recommended Posts