Microsoft confirmed a new Zero Day critical vulnerability in its browser Internet Explorer. Flaw affects all versions of Internet Explorer, starting with IE version 6 and including IE version 11.
In a Security Advisory (2963983) released yesterday, Microsoft acknowledges a zero-day Internet Explorer vulnerability (_CVE-2014-177_6) is being used in targeted attacks by APT groups, but the currently active attack campaigns are targeting IE9, IE10 and IE11.
INTERNET EXPLORER 0-DAY VULNERABILITY (CVE-2014-1776)
According to Advisory, Internet Explorer is vulnerable to Remote Code Execution, which resides βin the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated.β Microsoft said.
Microsoft Investigation team is currently working with FireEye Security experts, and dubbed the ongoing targeted campaign as βOperation Clandestine Foxβ.
In a blogpost, FireEye explained that an attacker could trigger the zero-day IE exploit through a malicious webpage that the targeted user has to access with one of the affected Internet Explorer browser. Successful exploitation of this vulnerability allows an attacker to execute arbitrary code within the browser in order to gain the same user rights as the current user.
CULPRIT: ADOBE FLASH PLUGIN
But, Internet Explorer zero-day exploit depends upon the loading of a Flash SWF file that calls for a Javascript in vulnerable version Internet Explorer to trigger the flaw, and which also allows the exploit to bypass Windowsβ ASLR and DEP protections on the target system by exploiting the Adobe Flash plugin.
According to the advisory, there is currently no security patch available for this vulnerability. βCollectively, in 2013, the vulnerable versions of IE accounted for 26.25% of the browser market.β FireEye said.
MITIGATION - HOW TO PROTECT YOUR COMPUTER FROM ZERO-DAY IE EXPLOIT?
Microsoft is working on a security patch for Internet Explorer vulnerability, could be available from the Next Patch Tuesday update (13th May, 2014). However, you can still migrate the zero-day threat by following below given methods:
Stay Safe!