Microsoft IE Zero Day Gets Emergency Patch

Author: Tom Spring
minute read

Microsoft issued an out-of-band patch for a zero day bug in its Internet Explorer browser.

Microsoft patched a zero-day vulnerability in its Internet Explorer browser that is actively being exploited by attackers. The bug, reported by Google, is a remote code execution vulnerability that allowed attackers to infiltrate vulnerable systems via a booby trapped website that could have injected malicious code into the Internet Explorer browser.

“An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” Microsoft wrote in an advisory posted Wednesday. “In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email.”

The vulnerability (CVE-2018-8653) has been exploited in the wild, according to Satnam Narang, senior research engineer at Tenable. He said the bug allows an attacker to assume the privileges of the current Windows user and execute arbitrary code on the targeted system.

“If the current user has administrative rights on a system, an attacker can take control of the victim’s system to implant malware, modify data and add additional user accounts,” Narang wrote in an email.

Microsoft is urging customers to ensure that their Windows systems receive the Windows Update. Windows 10 users can also check for updates manually. Users of earlier versions of Windows can also check for updates here.

Since the vulnerability is actively being exploited in the wild, neither Microsoft or Google’s Threat Analysis Group has disclosed technical details tied to the IE zero-day vulnerability.

According to Microsoft, the remote code execution vulnerability exists because of the way affected versions of the IE browser’s scripting engine handles objects in memory. “The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user,” it said.

The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory, according to Microsoft.

Suggested articles

Cybersecurity for your growing business
Cybersecurity for your growing business

Topics

Show all

Authors

Threatpost

InfoSec Insider

Infosec Insider Post

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Content

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.