Security expert provides more information on the recently-patched security issue

Sep 18, 2013 20:11 GMT  ·  By

Microsoft this morning rolled out a patch to fix a security flaw in Internet Explorer, confirming that a number of attacks aimed at IE8 and IE9 users have indeed been reported.

Wolfgang Kandek, CTO of Qualys, explained in a blog post that attackers are usually trying to exploit the 0-day flaw through compromised websites that serve JavaScript code, so blocking access to those pages is the first step toward staying on the safe side.

“The attacker exploits the vulnerability by setting up a malicious webpage which uses JavaScript code to prepare a use-after-free condition, where previously allocated memory, whose content the attacker can control, is accessed after it has been marked as not used anymore,” Kandek explained.

“The exploit depends on a Microsoft Office DLL which has been compiled without Address Space Layout Randomization (ASLR) to locate the right memory segment to attack, but this DLL is extremely common and most likely will not lower the affected population by much.”
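The non-ASLR DLL Kandek describes is an instance of a general check defenders can run on their own systems: whether a module's PE headers opt into ASLR. The script below is an added example, not code from Qualys, Microsoft or the article; it parses the COFF and optional headers to read `DllCharacteristics` and reports a module as fixed-base when the `DYNAMIC_BASE` flag is missing, or when the flag is set but the relocation table was stripped (in which case the loader cannot rebase the image anyway). The article names no specific DLL, so the sample inputs are constructed header-only fixtures built by `build_sample_pe`; `find_non_aslr_modules` is a hypothetical helper for walking a real directory tree.

```python
"""
Check whether a Windows PE image (DLL or EXE) opts into ASLR.

A module only benefits from ASLR if the linker set
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (/DYNAMICBASE) in the optional header
AND the image still carries its relocation table (IMAGE_FILE_RELOCS_STRIPPED
clear). A module failing either test loads at a predictable address.
"""
import os
import struct

# Flag values from the PE/COFF specification.
IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_FILE_DLL = 0x2000
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA = 0x0020
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100

PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B
DLL_CHARACTERISTICS_OFFSET = 70  # same offset in PE32 and PE32+ optional headers


def inspect_pe(data: bytes) -> dict:
    """Parse just enough of the headers to report the ASLR/DEP posture of an image."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("not a PE image: missing PE signature")
    coff = e_lfanew + 4
    machine, _nsec, _ts, _psym, _nsym, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20  # COFF file header is 20 bytes; optional header follows
    if opt_size < DLL_CHARACTERISTICS_OFFSET + 2:
        raise ValueError("optional header too short to hold DllCharacteristics")
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (PE32_MAGIC, PE32PLUS_MAGIC):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    (dll_chars,) = struct.unpack_from("<H", data, opt + DLL_CHARACTERISTICS_OFFSET)

    dynamic_base = bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)
    relocs_stripped = bool(file_chars & IMAGE_FILE_RELOCS_STRIPPED)
    if not dynamic_base:
        reason = "linked without /DYNAMICBASE"
    elif relocs_stripped:
        reason = "DYNAMIC_BASE set but relocations stripped; image cannot be rebased"
    else:
        reason = "ASLR-capable"
    return {
        "machine": machine,
        "is_dll": bool(file_chars & IMAGE_FILE_DLL),
        "pe32plus": magic == PE32PLUS_MAGIC,
        "dynamic_base": dynamic_base,
        "relocs_stripped": relocs_stripped,
        "high_entropy_va": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA),
        "nx_compat": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "aslr_effective": dynamic_base and not relocs_stripped,
        "reason": reason,
    }


def find_non_aslr_modules(root: str) -> list:
    """Hypothetical helper: walk a directory tree and list .dll/.exe files that load at a fixed base."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith((".dll", ".exe")):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    info = inspect_pe(fh.read(4096))  # headers sit at the start of the file
            except (OSError, ValueError, struct.error):
                continue  # unreadable, truncated, or not a PE image
            if not info["aslr_effective"]:
                findings.append((path, info["reason"]))
    return findings


def build_sample_pe(dll_chars: int, file_chars: int, pe32plus: bool = False) -> bytes:
    """Construct a minimal header-only PE image (a test fixture, not a real binary)."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\x00" * (0x3C - 2) + struct.pack("<I", e_lfanew)  # exactly 0x40 bytes
    opt_size = 240 if pe32plus else 224
    coff = struct.pack("<HHIIIHH", 0x8664 if pe32plus else 0x14C, 1, 0, 0, 0, opt_size, file_chars)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, PE32PLUS_MAGIC if pe32plus else PE32_MAGIC)
    struct.pack_into("<H", opt, DLL_CHARACTERISTICS_OFFSET, dll_chars)
    return dos + b"PE\x00\x00" + coff + bytes(opt)


if __name__ == "__main__":
    # Constructed fixtures: a hardened 64-bit DLL, a legacy 32-bit DLL without
    # /DYNAMICBASE, and a DLL that claims DYNAMIC_BASE but has no relocations.
    samples = {
        "hardened.dll": build_sample_pe(0x0160, 0x2022, pe32plus=True),
        "legacy.dll": build_sample_pe(0x0000, 0x2102),
        "stripped.dll": build_sample_pe(0x0140, 0x2103),
    }
    for name, blob in samples.items():
        print(name, "->", inspect_pe(blob)["reason"])
```

Running `find_non_aslr_modules` over an application's install directory gives an inventory of modules an exploit could rely on as a fixed address source; on a fleet, that inventory is what tells you whether a vendor's "compiled without ASLR" library is present at all, and whether later updates have fixed it. Note that the check reads the PE header only: a module can still be rebased at runtime by opt-in policies such as mandatory ASLR, which this script does not model.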

Some attacks have been aimed at Japanese users, Kandek added, but this doesn’t necessarily mean that everybody else is fully protected. As a result, users are advised to deploy the Fix It tool released by Microsoft as soon as possible and wait for a patch to address the security vulnerability.