Tuesday, 17 September 2013

Internet Explorer 0 day Exploit in Wild - Microsoft to publish emergency Fix it on September 18, 2013

For the first time in a little over four months, Microsoft published an emergency advisory and Fix it for users of its Internet Explorer web browser.

Exploitation of Internet Explorer 8 and 9 has already been witnessed in the wild. That doesn't necessarily mean that users of Internet Explorer 6, 7, 10 and 11 are safe however.
The only unaffected Windows platforms are the server platforms that ship with IE in restricted mode by default. If you have disabled the restricted mode, these may also be vulnerable.
The flaw is being referenced as CVE-2013-3893 and when exploited successfully results in remote code execution (RCE) as the logged in user.
This is one of the reasons we frequently advise users not to run as an administrator for everyday tasks like internet browsing.
If an attacker wants to inflict more serious damage he will need to also use a elevation of privilege (EoP) exploit to gain more access to the victim PC.
There are several different ways to protect yourself until an official fix from Microsoft becomes available.
For more advanced users and corporate IT managers you can use Microsoft EMET to mitigate exploitation of this flaw as recommended in Microsoft's advisory 2887505.
For everyday Windows users Microsoft is also providing a "Fix it" download that changes your settings to provide protection until a permanent fix is available, but this only works in 32 bit versions of Internet Explorer.
My advice for non-corporate PCs is to simply use another browser until Microsoft is able to deliver a fix. There are many choices including Firefox,ChromeSafari and Opera.
We will keep an eye out for any updates on this vulnerability and alert our readers as soon as a permanent fix is available. Typically Microsoft will release an update as soon as possible.

Source : Sophos
World of Hacker © 2011 Creative Commons License
World of Hacker by KroKite is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
Based on a work at
Permissions beyond the scope of this license may be available at!newtopic/hackerforum.