Late last week, the Council on Foreign Relations website was compromised and modified to host a 0-day exploit affecting Internet Explorer. Analysis revealed that the attack was set to affect a specific set of users, as it was set to work only if the browser language was set to English (US), Chinese (China), Chinese (Taiwan), Japanese, Korean, or Russian.
Microsoft has then issued a security advisory for the vulnerability and provided some workarounds, to serve as protection until a solution is released. Trend Micro users, however, are already protected through Trend Micro Deep Security, specifically through the following rules:
- 1005297 – Microsoft Internet Explorer CDwnBindInfo Object Use-After-Free Vulnerability (CVE-2012-4792)
- 1005298 – Microsoft Internet Explorer CDwnBindInfo Object Use-After-Free Vulnerability (CVE-2012-4792) Obfuscated
The abovementioned rules are set to detect all known variants of exploits.