Sunday, April 27, 2014

Security Advisory 2963983, IE Zero-Day Vulnerability

Security Advisory
Microsoft released Security Advisory 2963983, which relates to a vulnerability in Internet Explorer.

With the vulnerability, an attacker could cause remote code execution if someone visited a malicious website with an affected browser. Generally, this would occur by an attacker convincing someone to click a link in an email or instant message.

Although the vulnerability affects all versions of IE, at this time, Microsoft is aware of limited, targeted attacks, in which the exploit observed appears to target IE9, IE10 and IE11.


Additional details about the exploit are available from the FireEye Blog, "New Zero-Day Exploit targeting Internet Explorer Versions 9 through 11 Identified in Targeted Attacks".

Recommendations 

As illustrated in the "Security Research and Defense Blog" reference below, users of IE 10 and 11 should ensure they haven't disabled Enhanced Protected Mode.

Another option is to install the Enhanced Mitigation Experience Toolkit (EMET). The recommended setting for EMET 4.1, available from KB Article 2458544, is automatically configured to help protect Internet Explorer. No additional steps are required.

See the TechNet Advisory for instructions on changing the following settings to help protect against exploitation of this vulnerability:
  • Change your settings for the Internet security zone to High to block ActiveX controls and Active Scripting.
  • Change your settings to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zones.
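
To confirm that the settings above are in effect for the current user, the following read-only check can be run. It is an added example, not part of the Microsoft advisory, and it assumes PowerShell 3.0 or later and the standard per-user registry layout for IE zones (zone 1 = Local intranet, zone 3 = Internet, action 1400 = Active Scripting) and for Enhanced Protected Mode (Isolation = PMEM).

```powershell
# Read-only audit of the per-user IE settings named in the recommendations above.
# Assumption: settings live in the standard HKCU locations. Values pushed by
# Group Policy (under ...\Policies\...) take precedence and are not read here.
$zonesKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$zoneName = @{ 1 = 'Local intranet'; 3 = 'Internet' }
$action   = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

function Get-RegValue([string]$Path, [string]$Name) {
    # Returns $null when the key or value is absent instead of throwing.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}

$report = foreach ($id in 1, 3) {
    $scripting = Get-RegValue "$zonesKey\$id" '1400'          # Active Scripting action
    $level     = Get-RegValue "$zonesKey\$id" 'CurrentLevel'  # 0x12000 = High template
    [pscustomobject]@{
        Zone            = $zoneName[$id]
        ActiveScripting = if ($null -eq $scripting) { 'not set' }
                          else { $action[[int]$scripting] }
        # Recommendation: Prompt (1) or Disable (3) in both zones.
        ScriptingOK     = (1, 3 -contains $scripting)
        # Recommendation: High applies to the Internet zone only.
        LevelIsHigh     = ($level -eq 0x12000)
    }
}
$report | Format-Table -AutoSize

# Enhanced Protected Mode (IE10/IE11): the Advanced-tab checkbox stores 'PMEM'.
$isolation = Get-RegValue 'HKCU:\Software\Microsoft\Internet Explorer\Main' 'Isolation'
$epmState  = if ($isolation -eq 'PMEM') { 'enabled' } else { 'not enabled' }
"Enhanced Protected Mode: $epmState"
```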

References:




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
