Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    September 2014
    S M T W T F S
    « Aug    
     123456
    78910111213
    14151617181920
    21222324252627
    282930  
  • About Us

    A week after September‘s Patch Tuesday, Microsoft rushed a “Fix It” workaround tool to address a new zero-day Internet Explorer vulnerability (CVE-2013-3893), which is reportedly being actively exploited in certain targeted attacks.

    As Microsoft advised, the said exploit is targeting a Use After Free Vulnerability in IE’s HTML rendering engine (mshtml.dll). While current exploits are implemented entirely in JavaScript, an attacker can choose to use other methods like Java, Flash, VBScript, etc. as well.  For more technical information about the vulnerability, one can check Microsoft’s blog post that describes the vulnerability in full detail.

    Using this vulnerability, the attacker may corrupt the memory in such a way that could allow execution of arbitrary code with the rights of the logged-in user. To do so, an attacker must persuade its victim to browse an exploit-hosting website by way of phishing, spam or social networking sites. As per the Microsoft security advisory (2887505), all Internet Explorer versions (from version 6 to 11) are affected by this vulnerability.

    Trend Micro Deep Security and Intrusion Defence Firewall (IDF) customers can use the following DPI rule to protect their hosts from attacks around (CVE-2013-3893):

    • 1005689 – Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3893)

    Users are also advised to make use of Microsoft’s “Fix It” workaround tool and avoid visiting unverified links, websites or open any email messages from unknown/dubious senders. Other workarounds – like using non-IE browsers and avoiding running as an administrator account – should also be considered. We will update this blog once we have more information about this threat.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon




    Comments are closed.



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice