Solved

Internet Explorer Zero-Day Flaw 2013

Posted on 2013-01-16
Last Modified: 2013-07-22
I am seeing articles about this topic all over the net, and my company is using IE 8 as a standard apps browser, and some of the apps involve sensitive data/information.

I did a search on Zero Day on Experts Exchange, but the results given were posted in 2011. Are they the same thing?

I saw posts stating that the Fix it patch that was released a few days ago didn't help and that the permanent solution was to upgrade to IE9 and above.

Should I be alarmed by this IE flaw, since everyone in my company is using IE8?
If so, is there any countermeasure that I can consider?
Question by:mondainai
5 Comments
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 672 total points
ID: 38787403
Make sure your users are not Administrators of their machines. Windows 7 by default makes it this way, but often people override it for their users, making them Admins of their machines. That's the biggest no-no in all of IT. The second mitigating factor is to apply the M$ EMET tool to all programs that users use: Adobe (Flash/Reader/Shockwave), Java, Office, IE, Firefox, Chrome etc. http://www.microsoft.com/en-us/download/details.aspx?id=29851 It's a great tool that I've used since it came out, no issues whatsoever, but your mileage may vary.
-rich
0
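
A read-only audit for the first point in the answer above (users who are local Administrators), together with a report of the installed IE version; this is an added example, not part of the original answer. `$AllowedAdmins` is a hypothetical allow list, and the script assumes it is run locally on the machine being checked.

```powershell
# Added example: audit one Windows machine for over-privileged accounts and IE version.
# $AllowedAdmins is a hypothetical allow list; replace it with your own.
param(
    [string[]]$AllowedAdmins = @('Administrator', 'Domain Admins')
)

function Get-LocalAdminGroupName {
    # Resolve the built-in Administrators group by its well-known SID so the
    # script also works on non-English Windows installs.
    $sid = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-32-544'
    $account = $sid.Translate([System.Security.Principal.NTAccount]).Value
    return ($account -split '\\')[-1]
}

function Get-LocalAdminMember {
    # The WinNT ADSI provider works on PowerShell 2.0, the Windows 7 default.
    $group = [ADSI]"WinNT://$env:COMPUTERNAME/$(Get-LocalAdminGroupName),group"
    foreach ($m in @($group.psbase.Invoke('Members'))) {
        $t = $m.GetType()
        New-Object PSObject -Property @{
            Name    = $t.InvokeMember('Name', 'GetProperty', $null, $m, $null)
            ADsPath = $t.InvokeMember('ADsPath', 'GetProperty', $null, $m, $null)
        }
    }
}

function Get-IEVersion {
    # IE 10 and later keep the real version in svcVersion; older releases only have Version.
    $key = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Internet Explorer'
    if ($key.svcVersion) { [version]$key.svcVersion } else { [version]$key.Version }
}

# Anything in the Administrators group that is not on the allow list is a finding.
$unexpected = @(Get-LocalAdminMember | Where-Object { $AllowedAdmins -notcontains $_.Name })
$ie = Get-IEVersion

New-Object PSObject -Property @{
    Computer         = $env:COMPUTERNAME
    IEVersion        = $ie.ToString()
    IEOlderThan9     = ($ie.Major -lt 9)
    UnexpectedAdmins = ($unexpected | ForEach-Object { $_.ADsPath }) -join '; '
    Compliant        = ($unexpected.Count -eq 0)
}
```

The script only reads group membership and one registry key, so it can be run from a logon script or a management tool and the resulting objects collected centrally.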
 
LVL 65

Assisted Solution

by:btan
btan earned 664 total points
ID: 38787441
IE was having a series of events of such a serious and high risk rating because a public exploit is available, and even a free pentest tool has had a ready exploit package using it since the end of Sept 2012. It mentioned successfully attacking the vulnerability on Internet Explorer versions 7, 8 and 9 on Windows XP, Vista and 7.

http://krebsonsecurity.com/2012/09/exploit-released-for-zero-day-in-internet-explorer/

But I believe you are referring to this, and that is another targeted real attack on IE (again) using a Flash exploit. The seriousness is because of the water hole effect, where the website(s) themselves become a host of the Flash malware, waiting for more users to visit.

http://krebsonsecurity.com/2012/12/attackers-target-internet-explorer-zero-day-flaw/

According to Microsoft, the issue is "under limited exploit in the wild"; however, there is a Metasploit module available which can theoretically exploit the hole.

http://cyberarms.wordpress.com/2013/01/08/latest-internet-explorer-zero-day-exploit-walkthrough-using-metasploit/

But with this heating up since Dec, the MS out-of-band security update for the critical security hole that affects Internet Explorer 6, 7 and 8 is now available as of 14 Jan. MS had previously released a "Fix it" patch, which had subsequently been worked around by security researchers. If users have installed the "Fix it", they do not need to uninstall it as it does not interfere with the operation of the update, but MS suggests that it should be removed after the update. MS also reminds users that, where possible, they should update to Internet Explorer 9, which is not vulnerable to this hole.

You may want to check this out in the MS FAQs:

http://blogs.technet.com/b/msrc/p/january-2013-oob-security-bulletin-q-a.aspx

Q: If EMET was used to mitigate the possible attack, should this be removed once the patch is successfully installed?

A: EMET is not only effective to mitigate possible attacks of this issue, but it's a useful tool to mitigate several classes of attacks. EMET adds several layers of mitigations to the ones already present in the operating system. If EMET works for your environment we recommend keeping it enabled to mitigate future attacks.
0
 
LVL 56

Assisted Solution

by:McKnife
McKnife earned 664 total points
ID: 38789206
Hi.

It's important to know what flaw you are talking about. This? http://blogs.technet.com/b/msrc/archive/2013/01/14/ms13-008-released-for-security-advisory-2794220.aspx is fixed.

You have to be aware that using the web is always risky, not only when so-called zero-day exploits are on the news. It's risky every day because dumb users might send out your company's data simply because they don't understand what they are being tricked into.
Apply patches but be aware that there might be more holes that some people know but you don't.
0
