Wednesday, 25 September 2013

IE 0-day: exploit code is available to public (CVE-2013-3893)

As posted in Rapid7 Community , IE 0-day Exploit code is available in public.

All [ Windows && Internet Explorer Users  and administrators ] should take immediate action to mitigate the risk posed by CVE-2013-3893. As per the rapid7 community, 
Exploitation in the wild still seems limited to IE 8 and 9, and the exploit which is circulating seems to also rely on MS Office to be present (not clear why, as yet).  However, all versions of IE are affected by this issue, which means that this vulnerability has likely been present since IE 6 was released in 2001.  The fact that it is getting attention now is either due to a noticeable volume or impact of active exploitation in the wild. It may have just been discovered last week, or it may have been in the private toolkit of the world's best malware writers for more than a decade. The vulnerability allows the attacker to gain the privileges of the user. All too often on Windows that means Administrator level privileges, but I would speculate that the exploit looking for MS Office could mean that it is being used with another privilege elevation vulnerability in Office. The mantra "I only visit safe sites" is a false promise of protection, as it's far too easy to misdirect, redirect, or otherwise cause a user to interact with a site that they are not expecting to.  Legitimate sites may also be compromised to host malware serving this exploit. To mitigate the risk of exploitation from this issue, install EMET 4.0, configure it to force ASLR, and enable a number of heap spraying and ROP protections.  Additionally, there is a "fixit" available from Microsoft which will attempt to modify the system to prevent exploitation.  Fixits are not full-fledged patches which have gone through Microsoft's generally rigorous quality assurance, so there is a risk that it’s not a complete solution or that it could cause compatibility issues with other products (details on both can be found here.) Personally I would do both: install and configure EMET, and apply the fixit.

Here is Link for "FIX IT / work-around" available for Internet Explorer:- 

Another small tip, how you can actually disable Internet in(secure) Explorer from your windows 7 , Windows 8.

  • Click Start.
  • Click Control Panel.
  • Follow Below Image.

Major Problem for Windows XP users, There is no safe way to remove Internet Explorer from System and is not recommended either
Reason : Internet Explorer is more than just a browser. It works as an underlying technology behind a number of internal Windows XP processes including updating, basic Windows functionality and more.

So, Kindly Switch over to Windows 7 or Windows 8 or Different OS than Windows [If any] for a shorter period of time. I don't say Windows OS is bad or Linux is Good or Macintosh is best. If you have paid for something, than obviously those company will always first focus on to save you from getting ripped as far as their knowledge Supports their will to save you!. :)

Other URL you may like to Visit :-

World of Hacker © 2011 Creative Commons License
World of Hacker by KroKite is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
Based on a work at
Permissions beyond the scope of this license may be available at!newtopic/hackerforum.