Internet Explorer Out-of-Band Patch Released
GSA Reference Number: AD100121-01
Previous GSA Reference Number: AD100119-01
Simply Put: Microsoft has released an out-of-band patch for the Internet Explorer remote code execution exploit referenced above as well as for other security vulnerabilities. There is evidence that this exploit is being used in limited, targeted attacks on the Internet. For now, no widespread worms or exploit packs are using this vulnerability. The Microsoft bulletin is listed under Reference Links below, and the update can be downloaded through Windows Update.
Attack Details: McAfee has dubbed the attack “Aurora.” It takes advantage of a null pointer reference present in Internet Explorer (IE) 6 and later. The vulnerability can be exploited by a maliciously crafted website. No user interaction is required other than visiting such a site, so this exploit may soon be used with social engineering or phishing emails.
Countermeasures: Microsoft has released a patch for this exploit. Gladiator recommends that all users update their systems as quickly as possible to protect themselves from this threat. This patch should be applied if you are running Internet Explorer Version 6 or later, regardless of operating system. Internet Explorer 8 does have Data Execution Prevention (DEP), which can mitigate this vulnerability; however, there are reports that DEP could possibly be bypassed.
Reference Links:
- Microsoft Bulletin (http://www.microsoft.com/technet/security/bulletin/MS10-002.mspx)