Internet Explorer Zero-Day Flaw 2013

Posted on 2013-01-16
Last Modified: 2013-07-22
I am seeing articles about this topic all over the net, and my company is using IE 8 as a standard apps browser, and some of the apps involve sensitive data/information.

I did a search on Zero Day on Experts Exchange, but the results given were posted in 2011; are they the same thing?

I saw posts stating that the Fix it patch that was released a few days ago didn't help and that the permanent solution was to upgrade to IE9 and above.

Should I be alarmed by this IE flaw since everyone in my company is using IE8?
If so, is there any countermeasure that I can consider?
Question by:mondainai
Accepted Solution

by:
Rich Rumble earned 168 total points
ID: 38787403
Make sure your users are not Administrators of their machines. Windows 7 by default makes it this way, but often people override it for their users, making them Admins of their machines. That's the biggest no-no in all of IT. The second mitigating factor is to apply the M$ EMET tool to all programs that users use: Adobe (Flash/Reader/Shockwave), Java, Office, IE, Firefox, Chrome, etc. http://www.microsoft.com/en-us/download/details.aspx?id=29851 It's a great tool that I've used since it came out, with no issues whatsoever, but your mileage may vary.
-rich
 
Assisted Solution

by:btan
btan earned 166 total points
ID: 38787441
IE has had a series of such serious, high-risk events, because a public exploit is available and even a free pentest tool has had a ready exploit package for it since the end of Sept 2012. It is mentioned as successfully attacking the vulnerability on Internet Explorer versions 7, 8 and 9 on Windows XP, Vista and 7.

http://krebsonsecurity.com/2012/09/exploit-released-for-zero-day-in-internet-explorer/

But I believe you are referring to this one, which is another real targeted attack on IE (again) using a Flash exploit. The seriousness is because of the watering hole effect, where the website(s) themselves host the Flash malware, waiting for more users to visit.

http://krebsonsecurity.com/2012/12/attackers-target-internet-explorer-zero-day-flaw/

According to Microsoft, the issue is "under limited exploit in the wild"; however, there is a Metasploit module available which can theoretically exploit the hole.

http://cyberarms.wordpress.com/2013/01/08/latest-internet-explorer-zero-day-exploit-walkthrough-using-metasploit/

But with this heating up since Dec, the MS out-of-band security update for the critical security hole that affects Internet Explorer 6, 7 and 8 is now available as of 14 Jan. MS had previously released a "Fix it" patch, which had subsequently been worked around by security researchers. If users have installed the "Fix it", they do not need to uninstall it as it does not interfere with the operation of the update, but MS suggests that it should be removed after the update. MS also reminds users that, where possible, they should update to Internet Explorer 9, which is not vulnerable to this hole.

You may want to check out the MS FAQs on this:

http://blogs.technet.com/b/msrc/p/january-2013-oob-security-bulletin-q-a.aspx

Q: If EMET was used to mitigate the possible attack, should this be removed once the patch is successfully installed?

A: EMET is not only effective to mitigate possible attacks of this issue, but it's a useful tool to mitigate several classes of attacks. EMET adds several layers of mitigations to the ones already present in the operating system. If EMET works for your environment we recommend keeping it enabled to mitigate future attacks.
 
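A read-only host audit for the points raised in the two answers above (who is in the local Administrators group, which IE version is installed, and whether a given update is present), as an added example that is not part of any post in this thread. The function names are hypothetical, and the hotfix ID is a parameter to fill in from the MS13-008 bulletin, since the thread does not give it.

```powershell
# Added example, not from the thread. Read-only; works on PowerShell 2.0 and later.

function Get-IEVersion {
    # IE 10+ stores the real version in 'svcVersion'; IE 9 and older use 'Version'.
    $key = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Internet Explorer' `
                            -ErrorAction SilentlyContinue
    if (-not $key) { return $null }
    $raw = if ($key.svcVersion) { $key.svcVersion } else { $key.Version }
    if ($raw) { [version]$raw } else { $null }
}

function Get-LocalAdministrators {
    # Resolve the group through its well-known SID so localized group names work.
    $sid   = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-32-544'
    $name  = $sid.Translate([System.Security.Principal.NTAccount]).Value.Split('\')[1]
    $group = [ADSI]"WinNT://$env:COMPUTERNAME/$name,group"
    foreach ($member in $group.psbase.Invoke('Members')) {
        # Each member is a COM object; read its ADsPath (WinNT://DOMAIN/account).
        $member.GetType().InvokeMember('ADsPath', 'GetProperty', $null, $member, $null)
    }
}

function Get-BrowserExposureReport {
    param(
        # Assumption: KB number of the out-of-band update, taken from the bulletin.
        [string]$HotFixId
    )
    $ie = Get-IEVersion
    $hotfix = $null
    if ($HotFixId) {
        $hotfix = Get-HotFix -Id $HotFixId -ErrorAction SilentlyContinue
    }
    New-Object PSObject -Property @{
        Computer         = $env:COMPUTERNAME
        IEVersion        = $ie
        # Per the thread: the out-of-band update covers IE 6, 7 and 8.
        IEInUpdateScope  = ($ie -ne $null -and $ie.Major -le 8)
        HotFixChecked    = $HotFixId
        HotFixInstalled  = [bool]$hotfix
        LocalAdmins      = @(Get-LocalAdministrators)
    }
}

# Usage: pass the KB number from the bulletin, or omit it to skip that check.
Get-BrowserExposureReport | Format-List
```

Any day-to-day user account that appears under `LocalAdmins` is the condition the accepted answer warns about.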
Assisted Solution

by:McKnife
McKnife earned 166 total points
ID: 38789206
Hi.

It's important to know what flaw you are talking about. This? http://blogs.technet.com/b/msrc/archive/2013/01/14/ms13-008-released-for-security-advisory-2794220.aspx is fixed.

You have to be aware that using the web is always risky, not only when so-called zero-day exploits are on the news. It's risky every day because dumb users might send out your company's data simply because they don't understand what they are being tricked into.
Apply patches but be aware that there might be more holes that some people know but you don't.