Microsoft has recently released a patch to address the zero-day exploit affecting certain versions of Internet Explorer. The said exploit was found to be hosted on the compromised Council on Foreign Relations website. When exploited, this IE vulnerability could allow attackers to execute arbitrary codes thus compromising the security of the systems. In addition, this vulnerability only affected older versions of Internet Explorer (i.e. 6, 7, and 8). Internet Explorer versions 9 and 10 are not affected. Initially, Microsoft has provided workarounds until the patch was released yesterday.

On the other hand, last week we also received reports of a zero-day exploit which affected Java. The said exploit was used by cybercriminal toolkits such as Blackhole Exploit Kit (BHEK) and Cool Exploit Kit (CEK) respectively. Based on our investigation, the exploit code (detected as JAVA_EXPLOIT.RG) leads to the download of REVETON malware or police ransomware.  In response to this zero-day exploit, Java has issued a software update. Prior to this release, the U.S. Department of Homeland Security has recommended users to disable Java on their web browsers to armor their systems against attacks leveraging this.

Read the rest of this entry »