Two New Vulnerabilities Linked to Latest IE Zero Day

  • 30 April 2014
  • 0 replies
  • 6 views

Userlevel 7
Badge +52
The Internet Explorer zero day disclosed over the weekend may not be the precursor to the Windows XP malware apocalypse everyone has been dreading, but it has prompted US-CERT to advise against using the Microsoft browser until it is patched. And it has kicked off further research into the vulnerability to see what else is under the covers.
 
Researchers at Websense reported yesterday that a number of IE crash reportscoinciding with the appearance of the exploit in the wild point to two more possible vulnerabilities in the vector graphics dll, VGX IE 8 and 9 that could be exploited by CVE-2014-1776.
 
The researchers use application crash reports from computers running Windows XP, Vista, 7 and 8 sent through the Windows Error Reporting framework to investigate the possibility of advanced attacks against organizations. Exploits often cause applications to crash and these reports, also known as Dr. Watson reports, are sent in the clear to Microsoft so that bugs can be prioritized and addressed, as well as user experience issues. The reports are triggered not only by crashes, but also when applications fail to update or when hardware changes are detected on a network.
 
The IE zero day set off alarm bells since it can be exploited all the way back to versions of IE compatible with Windows XP, which is no longer supported by Microsoft as of April 8. Microsoft issued an advisoryand warned users that hackers were actively exploiting the use-after-free vulnerability in limited targeted attacks, although only in IE 9 through IE 11.
 
Researchers at FireEye also shared details on the exploit and said that it is used in conjunction with a Adobe Flash exploit to cause memory corruption and allow an attacker to run code remotely on the compromised computer. The vulnerability in IE is specific to the browser’s handling of the Vector Markup Language and vector graphics rendering. Microsoft advised as a temporary mitigation that admins disable the VGX.DLL; the library is crucial for proper graphics rendering and is used by IE as well as Office applications.
 
Full Article

0 replies

Be the first to reply!

Reply