Feeds

Redmond probes new IE 8 vulnerability

Zero day appeared on US Dept of Labor site

Protecting users from Firesheep and other Sidejacking attacks with SSL

Microsoft has confirmed a bug in Internet Explorer 8, CVE-2013-1347, which exposes user machines to remote code execution.

In an advisory, Microsoft says the vulnerability “exists in the way that Internet Explorer [accesses] an object in memory that has been deleted or has not been properly allocated.”

That, in turn, opens the door to memory corruption and remote code execution in the current user context.

According to this blog post by Eric Roman: “A use-after-free condition occurs when a CGenericElement object is freed, but a reference is kept on the document and used again during rendering, an invalid memory that’s controllable is used, and allows arbitrary code execution under the context of the user.”

That post also notes that an exploit has been seen in the wild. Last week, security companies AlienVault and Invincea reported that a site on a sub-domain of the US Department of Labor was serving malware, and Roman's blog post states that it was serving up an attack on the CVE-2013-1347 vulnerability.

According to Invincea, the Department of Labor exploit was installing the Poison Ivy backdoor Trojan.

The venerable version might be using a walking frame to get around, but according to W3counter.com it's still the second-most popular attack vector version of IE in the wild.

Microsoft is considering whether to issue an out-of-cycle patch for the vulnerability. ®

The next step in data security

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.