• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 450
  • Last Modified:

Internet Explorer Zero-Day Flaw 2013

I am seeing articles about this topic all over the net and my company is using IE 8 as a standard apps browser and some of the apps involved sensitive data/information.

I did a search on Zero Day on Expert Exchange but the results given were posted on 2011, are they the same thing?

I saw the posts were stating fixit patch that was released few days ago didn't help and that the permanent solution was to upgrade to IE9 and above.

Should I be alarmed by this IE flaw since everyone in my company are using IE8?
If so is there any countermeasure that I can consider of?
0
mondainai
Asked:
mondainai
3 Solutions
 
Rich RumbleSecurity SamuraiCommented:
Make sure your users are not Administrators of their machines, Windows 7 by default makes it this way, but often people over-ride it for their users, making them Admins of their machines. That's the biggest no-no in all of IT. The second mitigating factor is to apply the M$ EMET tool to all programs that users use, Adobe (flash/reader/shockwave), Java, Office, IE, FireFox, Chrome etc... http://www.microsoft.com/en-us/download/details.aspx?id=29851 It's a great tool that I've used since it came out, no issues what so ever, but your mileage may vary.
-rich
0
 
btanExec ConsultantCommented:
IE was having serious of event of such serious and of high risk rating because public exploit ia available and even free pentest tool has ready exploit package using it since end Sept 2012. It mentioned successfully attack the vulnerability on Internet Explorer versions 7, 8 and 9 on Windows XP, Vista and 7.

http://krebsonsecurity.com/2012/09/exploit-released-for-zero-day-in-internet-explorer/

But I believe you are referring to this and that is another targeted real attack on IE (again) using flash exploit. The seriousness is because of the water hole effect where website(s) itself become a hosting malware of the flash waiting for more user to visit it.

http://krebsonsecurity.com/2012/12/attackers-target-internet-explorer-zero-day-flaw/

According to Microsoft, the issue is "under limited exploit in the wild"; however, there is a Metasploit module available which can theoretically exploit the hole.

http://cyberarms.wordpress.com/2013/01/08/latest-internet-explorer-zero-day-exploit-walkthrough-using-metasploit/

But since Dec with this hotting up, MS out-of-band security update for the critical security hole that affects Internet Explorer 6, 7 and 8 is now available as of 14 Jan. MS had previously released a "Fix it" patch, which had subsequently been worked around by security researchers. If users have installed the "Fix it", they do not need to uninstall it as it does not interfere with the operation of the update, but MS suggests that it should be removed after the update. MS also reminds users that, where possible, they should update to Internet Explorer 9 which is not vulnerable to this hole.

You may want to check out this on MS FAQs

http://blogs.technet.com/b/msrc/p/january-2013-oob-security-bulletin-q-a.aspx

Q: If EMET was used to mitigate the possible attack, should this be removed once the patch is successfully installed?

A: EMET is not only effective to mitigate possible attacks of this issue, but it's a useful tool to mitigate several classes of attacks. EMET adds several layers of mitigations to the ones already present in the operating system. If EMET works for your environment we recommend keeping it enabled to mitigate future attacks.
0
 
McKnifeCommented:
Hi.

It's important to know what flaw you are talking about. This? http://blogs.technet.com/b/msrc/archive/2013/01/14/ms13-008-released-for-security-advisory-2794220.aspx is fixed.

You have to be aware that using the web is always risky, not only when so called zero-day exploits are on the news. It's risky every day because dumb users might send out your company's data simply because they don't understand, what they are been tricked into.
Apply patches but be aware that there might be more holes that some people know but you don't.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now