• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Internet Explorer Update Plugs a Vulnerability Duo

July 10, 2012 By Corey Nachreiner

Severity: High

Summary:

  • These vulnerabilities affect: Internet Explorer 9 (IE 9)
  • How an attacker exploits them: By enticing one of your users to visit a malicious web page
  • Impact: An attacker can execute code on your user’s computer, often gaining complete control of it
  • What to do: Install Microsoft’s Internet Explorer 9 update immediately, or let Windows Automatic Update do it for you

Exposure:

During Patch Day, Microsoft released a security bulletin to fix two vulnerabilities in Internet Explorer 9 (IE9). The flaws only affect IE 9, and not previous versions of Microsoft’s popular browser.

Though the two flaws differ technically, they both stem from IE inappropriately accessing a previously deleted object. These sorts of invalid access vulnerabilities often result in memory corruptions, which attackers can expertly leverage to force code to execute on your computer, with your privileges.

So in short, if an attacker can lure you to a web site with specially crafted code, he can exploit this flaw to execute code on your computer. If you have local administrator privileges, the attacker gains complete control of your PC.

As an aside, hackers commonly target legitimate web sites and booby-trap them with malicious code, by exploiting various web application vulnerabilities. In other words, you can sometimes encounter these sorts of “drive-by download” attacks even while visiting trusted, legitimate web sites.

If you’d like to know more about the technical differences between these flaws, see the “Vulnerability Information” section of Microsoft’s bulletin.

Solution Path:

These updates fix serious issues. You should download, test, and deploy the appropriate IE 9 patches immediately, or let Windows Automatic Update do it for you. You can find links to the various IE updates in the “Affected and Non-Affected Software” section of Microsoft’s IE security bulletin. If you use IE 8 or below, you do not have to update.

For All WatchGuard Users:

These attacks travel as normal-looking HTTP traffic, which you must allow if your network users need to access the World Wide Web. Therefore, the patches above are your best solution.

That said, WatchGuard’s Gateway Antivirus and Intrusion Prevention Service can often prevent these sorts of attacks, or the malware they try to distribute. We highly recommend you enable our security services on your WatchGuard XTM and XCS appliances.

Status:

Microsoft has released patches to fix these vulnerabilities.

References:

  • MS Security Bulletin MS12-044

This alert was researched and written by Corey Nachreiner, CISSP.

Share This:

Related

Filed Under: Security Bytes Tagged With: drive-by download, Internet Explorer, Microsoft, Remote code execution (RSE)

Comments

  1. generate local traffic says

    September 27, 2014 at 10:32 pm

    This piece of writing gives clear idea for the new visitors of blogging, that
    genuinely how to do blogging and site-building.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • An Update on Section 230

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • 3CX Supply Chain Attack
  • The NSA’s Guidance on Securing Authentication
  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use