0-day exploit for Microsoft Internet Explorer

Posted: September 18, 2013 in IT Security News
Tags: , , ,

New Vulnerabilities

0day-exploit for Internet Explorer

Microsoft warns users of Internet Explorer, what the attackers began to exploit a new previously unknown 0-day vulnerability in browser IE 6-10.

Now specialists are working on the release of the patch, which will included in automatic updates. But the danger is so great that people are asked to self-install the patch Fix It, which released an emergency basis. Before you install it you need to install the September patch KB2870699.

Vulnerability CVE- 2013-3893 refers to the browser Microsoft Internet Explorer 6-10 under all versions of the OS, other than Server Core, and allows for remote code execution. According to the official description, the failure is due to improper browser access to an object in memory that has been deleted or incorrectly placed. Exploit the remote execution of code means that an attacker can install malicious software on your computer, just pointing it on outside web page (the attack drive-by).

Installing the patch Fix It limits the functionality of the browser, it is not a full patch, but only a temporary solution. The Fix It solution is available at https://support.microsoft.com/kb/2887505.

“Following the investigation, Microsoft will take the appropriate action to protect our users – said in a statement. – These actions may include the release of a patch in the standard kit or extraordinary monthly security update, depending on the need.” In the past month Microsoft patched 47 vulnerabilities, including 10 critical vulnerabilities in Internet Explorer.

Experts explain that now the attack narrowly targeted and affects only the Japanese sites, but any day exploit can occur in other countries, so that Microsoft should closely monitor the situation and promptly start automatically update browsers.Microsoft Fix It

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s