Microsoft yesterday revealed that an unpatched vulnerability in Internet Explorer is being exploited and has released a temporary Fix It solution to address the serious security flaw.
Redmond revealed that the cause of the vulnerability is a memory corruption bug in Internet Explorer which, when exploited, would allow attackers to run arbitrary code remotely. Microsoft added that it was aware of targeted attacks against Internet Explorer 8 and 9 that exploited the vulnerability, but all versions of Internet Explorer are vulnerable.
“The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer”, notes Microsoft in a security advisory.
Microsoft has released a temporary Fix It solution, but the main concern is that as soon as fixes like these are released, hacker groups rush to reverse engineer them and build exploits of their own. Security experts are of the opinion that all users should immediately apply the Fix It solution, or stop using Internet Explorer completely and switch to other browsers like Chrome or Firefox until Microsoft permanently resolves the security flaw through the Windows Update program.
Users of Windows Server products are seemingly safe, as Internet Explorer on these operating systems runs under Enhanced Security Configuration and, according to Microsoft, this mode mitigates the vulnerability. Redmond has listed quite a few other mitigation measures, but hasn’t given out any information about the origin of the attacks or which websites are spreading the exploit.
According to Qualys, the vulnerability is being actively exploited in Japan, and the attack “depends on a Microsoft Office DLL which has been compiled without Address Space Layout Randomization (ASLR) to locate the right memory segment to attack.”
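The dependency Qualys describes can be audited from the defender's side: whether a module opts in to ASLR is recorded in its PE header. The following is an added example, not code from Microsoft or Qualys; it checks that flag, and the `sample_pe` helper builds a constructed header-only image so the check runs without any real DLL.

```python
import struct
import sys

IMAGE_FILE_RELOCS_STRIPPED = 0x0001             # COFF Characteristics bit
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040  # image opts in to ASLR
DLLCHAR_OFFSET = 70  # DllCharacteristics offset in PE32 and PE32+ optional header


def aslr_status(image: bytes) -> str:
    """Classify a PE image as 'aslr', 'no-aslr' or 'not-pe'."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        return "not-pe"
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)  # e_lfanew
    coff = pe_off + 4
    opt = coff + 20
    if image[pe_off:coff] != b"PE\0\0" or len(image) < opt + DLLCHAR_OFFSET + 2:
        return "not-pe"
    opt_size, file_chars = struct.unpack_from("<HH", image, coff + 16)
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic not in (0x10B, 0x20B) or opt_size < DLLCHAR_OFFSET + 2:
        return "not-pe"
    (dll_chars,) = struct.unpack_from("<H", image, opt + DLLCHAR_OFFSET)
    # Without the opt-in flag, or with relocations stripped, the loader
    # does not randomize the module's base address by default.
    if not dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE:
        return "no-aslr"
    if file_chars & IMAGE_FILE_RELOCS_STRIPPED:
        return "no-aslr"
    return "aslr"


def sample_pe(dll_chars: int, file_chars: int = 0x2102) -> bytes:
    """Constructed header-only PE32 image for the demo (not a real DLL)."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 96, file_chars)
    opt = bytearray(96)
    struct.pack_into("<H", opt, 0, 0x10B)               # PE32 magic
    struct.pack_into("<H", opt, DLLCHAR_OFFSET, dll_chars)
    return dos + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    if len(sys.argv) > 1:
        for path in sys.argv[1:]:
            with open(path, "rb") as fh:
                print(path, aslr_status(fh.read(4096)))
    else:
        print("with DYNAMIC_BASE:", aslr_status(sample_pe(0x0140)))
        print("without DYNAMIC_BASE:", aslr_status(sample_pe(0x0100)))
```

Run with file paths as arguments to check modules on disk; with no arguments it classifies the two constructed samples.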