Microsoft has recently released a patch to address the zero-day exploit affecting certain versions of Internet Explorer. The said exploit was found to be hosted on the compromised Council on Foreign Relations website. When exploited, this IE vulnerability could allow attackers to execute arbitrary codes thus compromising the security of the systems. In addition, this vulnerability only affected older versions of Internet Explorer (i.e. 6, 7, and 8). Internet Explorer versions 9 and 10 are not affected. Initially, Microsoft has provided workarounds until the patch was released yesterday.
On the other hand, last week we also received reports of a zero-day exploit which affected Java. The said exploit was used by cybercriminal toolkits such as Blackhole Exploit Kit (BHEK) and Cool Exploit Kit (CEK) respectively. Based on our investigation, the exploit code (detected as JAVA_EXPLOIT.RG) leads to the download of REVETON malware or police ransomware. In response to this zero-day exploit, Java has issued a software update. Prior to this release, the U.S. Department of Homeland Security has recommended users to disable Java on their web browsers to armor their systems against attacks leveraging this.
The vulnerabilities affecting Ruby on Rails also emerged last week. Although, there are no reported attacks yet leveraging this, an exploit code is already released for Metasploit. Accordingly, when exploited, these vulnerabilities in Ruby on Rails could compromise a server. Good thing, the security patches were already out which can mitigate possible attacks.
Even before these software vendors released their patches, Trend Micro has issued protections already against all these threats and possible attacks leveraging these vulnerabilities and zero-day exploits. As such, home users and enterprises need not to worry as they are guarded from all known exploits using these exploit codes. For more information on Trend Micro’s solutions for Ruby on Rails and Java zero-day exploit, visit our entry here.