FireEye Labs has discovered an "exploit that leverages a new information leakage vulnerability and an IE out-of-bounds memory access vulnerability to achieve code execution." [1] Based on their analysis, it affects IE 7, 8, 9 and 10. According to Microsoft, the vulnerability can be mitigated by EMET.[2][3] Additional information on FireEye Labs post available here.
----------- Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu |
Guy 522 Posts ISC Handler Nov 9th 2013 |
Thread locked Subscribe |
Nov 9th 2013 8 years ago |
Microsoft should have integrated EMET into Windows 8, and they should have it as an optional update either in the next Win7 SP or during a Patch Tuesday.
|
dayglo 5 Posts |
Quote |
Nov 9th 2013 8 years ago |
It's nice to know that we don't have to wait for EOL on Windows XP to keep enjoying the love.
|
dayglo 57 Posts |
Quote |
Nov 10th 2013 8 years ago |
dayglo 57 Posts |
|
Quote |
Nov 10th 2013 8 years ago |
Suspicious that the fix is in the current cycle.
Says that the actor here knew the vuln was about to be patched, that it's value therefore had dropped to "throwaway," and they used it for targets where the risk of discovery was high. Same is true of CVE-2013-1690 that the FBI used to unmask TOR users. The patch was already in the general Firefox distribution when the exploit was deployed against the not-yet updated TBB derivative Firefox. More about that here https://www.schneier.com/blog/archives/2013/10/how_the_nsa_att.html |
Starlight 34 Posts |
Quote |
Nov 12th 2013 8 years ago |
Sign Up for Free or Log In to start participating in the conversation!