Zero-Day IE Flaw Being Actively Exploited

Look in this specific forum for newly found security threats which may not yet be covered by your usual security software

Moderators: Admin Team, Moderators

User avatar
TeMerc
Site Admin
Site Admin
Posts: 15995
Joined: Fri Jan 28, 2005 5:16 pm
Area Of Expertise: Security
experience: I know the functions, OS settings, registry tweaks and more
PC time: What else is there in life?
Location: PHX, AZ
Contact:

Zero-Day IE Flaw Being Actively Exploited

Postby TeMerc » Wed Dec 10, 2008 3:40 pm

Microsoft’s recent security updates fails to provide protection against a recently discovered zero-day vulnerability which could provide opportunities for cyber criminals to compromise PCs.

Several Web sites were found rigged with a malicious JavaScript detected by Trend Micro as JS_DLOAD.MD. This script exploits this zero-day vulnerability in Internet Explorer, though a Heap Spray on SDHTML. It also checks for the IE version installed on the affected system, since this exploit targets IE7.

After a successful exploit, it triggers a series of redirections to multiple URLs, then finally connects to one of several different domains — a full list of malicious domains can be found over at ShadowServer, as they have been verifying the domains collected by them and from other security researchers across the industry.

0-= Continued @ Trend Micro Blog
Image

User avatar
TeMerc
Site Admin
Site Admin
Posts: 15995
Joined: Fri Jan 28, 2005 5:16 pm
Area Of Expertise: Security
experience: I know the functions, OS settings, registry tweaks and more
PC time: What else is there in life?
Location: PHX, AZ
Contact:

Re: Zero-Day IE Flaw Being Actively Exploited

Postby TeMerc » Thu Dec 11, 2008 5:20 pm

Microsoft Issues Advice on Internet Explorer Zero-Day
By Brian Prince
2008-12-11

Microsoft issued an advisory late Dec. 10 to help users deal with attacks targeting a zero-day flaw in Internet Explorer 7 that is being targeted by hackers. No word has been given as to when specifically users can expect a patch or an update to fix the issue.

While users await a patch or an update, Microsoft has offered up a few workarounds customers can use to thwart attacks. First, the company recommends users change the Internet and local Intranet settings to ‘High’ so there are prompts before running ActiveX controls and active scripting in these zones.

According to Microsoft, the attacks are being launched against IE 7 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008.

nwz Continued @ eWeek
Image

User avatar
Johnincal
Moderators
Moderators
Posts: 732
Joined: Fri Feb 18, 2005 2:53 am
experience: I know the functions, OS settings, registry tweaks and more
PC time: About 3 hours a day
Location: Las Vegas, NV. USA

Re: Zero-Day IE Flaw Being Actively Exploited

Postby Johnincal » Thu Dec 11, 2008 6:44 pm

TeMerc wrote:Microsoft Issues Advice on Internet Explorer Zero-Day
By Brian Prince
2008-12-11

Microsoft issued an advisory late Dec. 10 to help users deal with attacks targeting a zero-day flaw in Internet Explorer 7 that is being targeted by hackers. No word has been given as to when specifically users can expect a patch or an update to fix the issue.

While users await a patch or an update, Microsoft has offered up a few workarounds customers can use to thwart attacks. First, the company recommends users change the Internet and local Intranet settings to ‘High’ so there are prompts before running ActiveX controls and active scripting in these zones.

According to Microsoft, the attacks are being launched against IE 7 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008.

nwz Continued @ eWeek


The "Internet Storm Center" says in it's diary:

"In any case, the attackers are picking this quickly so make sure that you are following recommendations from Microsoft's advisory which will help reduce exposure or, if you can, use an alternative browser until this has been fixed."


More @ Internet Storm Center

User avatar
TeMerc
Site Admin
Site Admin
Posts: 15995
Joined: Fri Jan 28, 2005 5:16 pm
Area Of Expertise: Security
experience: I know the functions, OS settings, registry tweaks and more
PC time: What else is there in life?
Location: PHX, AZ
Contact:

Re: Zero-Day IE Flaw Being Actively Exploited

Postby TeMerc » Fri Dec 12, 2008 1:42 pm

IE zero day bites broader group of users
By Dan Goodin
Posted in Security, 12th December 2008 18:41 GMT

Researchers are warning that the unpatched security vulnerability in Microsoft's Internet Explorer affects more versions of the browser than previously thought, and that steps users must take to prevent exploitation are harder than first published.

According to an updated advisory from Redmond, the bug that's been actively exploited since Tuesday bites versions 5.01, 6, and 8 of the browser, which is by far the most widely used on the web. A previous warning from Microsoft only said that IE 7 was susceptible to the attacks. IE is susceptible when running on all supported versions of the Windows operating systems, Microsoft also says.

0-= Continued @ The Register
Image

User avatar
TeMerc
Site Admin
Site Admin
Posts: 15995
Joined: Fri Jan 28, 2005 5:16 pm
Area Of Expertise: Security
experience: I know the functions, OS settings, registry tweaks and more
PC time: What else is there in life?
Location: PHX, AZ
Contact:

Re: Zero-Day IE Flaw Being Actively Exploited

Postby TeMerc » Sun Dec 14, 2008 3:50 pm

Microsoft sees 'huge increase' in IE attacks

December 14, 2008 | Microsoft warned Saturday of a "huge increase" in attacks exploiting a critical unpatched vulnerability in Internet Explorer (IE), and said some originated from hacked pornography sites.

Microsoft noted the upswing in attacks on the company's Malware Protection Center blog late Saturday. "The trend for now is going upwards," said researchers Ziv Mador and Tareq Saadecom on the blog. "We saw a huge increase in the number of reports today compared to yesterday."

Microsoft acknowledged that attacks have become a significant problem. "Based on our stats, since the vulnerability has gone public, roughly 0.2% of users worldwide may have been exposed to websites containing exploits of this latest vulnerability," Mador and Saadecom said. "That percentage may seem low, however it still means that a significant number of users have been affected."

nwz Continued @ Computer World
Image


Return to “EMERGING SECURITY THREATS!”

Who is online

Users browsing this forum: No registered users and 1 guest