Microsoft has published an emergency security advisory in response to reports of a zero-day vulnerability found in the company’s Internet Explorer browser that could allow for remote code execution by attackers.
All versions of IE are said to be vulnerable except for server platforms which had the browser in restricted mode as a default, and exploits in the wild targeting the vulnerability have already been reported.
“The vulnerability is a remote code execution vulnerability. The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated,” Microsoft’s advisory stated.
“The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.”
Attackers could gain the same level of privileges on a system as the infected user maintains, so limiting the configured rights of users to only the level essential could help mitigate this threat.
Microsoft also recommends users “apply the Microsoft Fix it solution, “CVE-2013-3893 MSHTML Shim Workaround”, that prevents exploitation of this issue. See Microsoft Knowledge Base Article 2887505 to use the automated Microsoft Fix it solution to enable or disable this workaround.”
“On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs,” the advisory continued.