Another day, another vulnerability waiting to be widely exploited by malware authors. The latest is a newly discovered vulnerability that affects Internet Explorer 8 whether it is in use on Windows XP, Vista, or 7. The exploit has already been rolled into a module and added to the Metasploit Framework, a free penetration testing tool. Information on how to use the vulnerability is also now in widespread circulation.
Fractured glass photo effect courtesy of PhotoFunia.
At least there is some good news…Microsoft has confirmed that the exploit has no effect on Internet Explorer versions 6, 7, 9, and 10. If you have a system running Internet Explorer 8, then using an alternative browser until Microsoft releases a security update is a good idea. If using an alternative browser is not an option, then you can make use of Microsoft’s EMET (Enhanced Mitigation Experience) Toolkit (links are available at the bottom of the article).
From the Krebs on Security post: The security hole has already been leveraged in at least one high-profile attack. Over the weekend, several security vendors reported that the U.S. Department of Labor Web site had been hacked and seeded with code designed to exploit the flaw and download malicious software.
From the H Security post: Microsoft suggests that users of IE8 could deploy EMET, the Enhanced Mitigation Experience Toolkit, and gives instructions how to configure it to add its protective layer to IE8 either through the EMET user interface, command line or via Group Policy. Upgrading to IE9 is also an option for Windows Vista and later, and upgrading to IE10 is an option for users of Windows 7 or later.
You can learn more about the latest vulnerability and the increased activity by malware authors to exploit it by visiting the links below.
Zero-Day Exploit Published for IE8 [Krebs on Security]
Exploit for new IE8 0-day vulnerability in the wild [The H Security]
Links for EMET (Enhanced Mitigation Experience Toolkit)
Enhanced Mitigation Experience Toolkit v3.0 [Microsoft Download Center]
The Enhanced Mitigation Experience Toolkit [Microsoft Support]
[via Krebs on Security]