Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Microsoft release FixIt for IE9/IE10 Zero Day - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Microsoft release FixIt for IE9/IE10 Zero Day

Microsoft has published a TechNet article detailing the availability of a "FixIt" for the current IE9/IE10 zero day which has been doing the rounds. Corporate users will presumably have to wait until the availability of the patch which Microsoft say will be released during the monthly patching cycle.

Microsoft released Advisory 2934088 :

They have released a FixIt, another shim fix, that is available for download :

Thanks to one of our regulars, and Swa for the overnight heads-up.


Steve Hall

ISC Handler 


89 Posts
Feb 20th 2014
> The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated.

It's sad that Internet Explorer does not take a few micro-seconds to write "zero" bytes over the range of memory that is to be "deleted", so that any "use-after-free" attempts will never find any "useful" data-values in that range of addresses.

One IBM mainframe operating system that has been creating virtual-machines for over 30 years has a "page-free" interface -- a VM cooperatively telling the hypervisor that a "page" (4Kbytes) of memory has been "forfeited". The hypervisor can react by excluding that page from any RAM-management (no need to "page-out" that block to a swap-disk-drive -- and the next requester of that page of "real" RAM will get a zero'd-out block).

Sign Up for Free or Log In to start participating in the conversation!