Feeds

Redmond probes new IE 8 vulnerability

Zero day appeared on US Dept of Labor site

Providing a secure and efficient Helpdesk

Microsoft has confirmed a bug in Internet Explorer 8, CVE-2013-1347, which exposes user machines to remote code execution.

In an advisory, Microsoft says the vulnerability “exists in the way that Internet Explorer [accesses] an object in memory that has been deleted or has not been properly allocated.”

That, in turn, opens the door to memory corruption and remote code execution in the current user context.

According to this blog post by Eric Roman: “A use-after-free condition occurs when a CGenericElement object is freed, but a reference is kept on the document and used again during rendering, an invalid memory that’s controllable is used, and allows arbitrary code execution under the context of the user.”

That post also notes that an exploit has been seen in the wild. Last week, security companies AlienVault and Invincea reported that a site on a sub-domain of the US Department of Labor was serving malware, and Roman's blog post states that it was serving up an attack on the CVE-2013-1347 vulnerability.

According to Invincea, the Department of Labor exploit was installing the Poison Ivy backdoor Trojan.

The venerable version might be using a walking frame to get around, but according to W3counter.com it's still the second-most popular attack vector version of IE in the wild.

Microsoft is considering whether to issue an out-of-cycle patch for the vulnerability. ®

New hybrid storage solutions

More from The Register

next story
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.