Microsoft issues temporary fix for IE zero-day targeting service members

Share this article:
U.S. Department of Labor website was serving zero-day Internet Explorer 8 exploit
U.S. Department of Labor website was serving zero-day Internet Explorer 8 exploit

Microsoft has released a temporary solution to prevent exploitation of a new zero-day vulnerability in Internet Explorer (IE).

On Wednesday, the tech giant provided the “Fix it,” nearly a week after news surfaced about limited attacks leveraging the vulnerability.

Last Thursday, researchers at FireEye revealed that a U.S. veterans website was compromised to serve the zero-day exploit, and that attackers likely launched the campaign to steal intel from military service members. In the attack campaign, dubbed “Operation SnowMan,” the booby trapped site was ultimately used as a means of infecting visitors with a backdoor used for cyber espionage purposes.

In a Wednesday security advisory, Microsoft said that it was aware of “limited, targeted attacks” that attempted to exploit the vulnerability (CVE-2014-0322), which impacts IE 9 and 10, but not IE 11 users.

The company also provided further details on the security issue.

“The vulnerability is a remote code execution vulnerability [which] exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated,” the advisory said. “The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website,” the advisory said of potential attack vectors.

On a Microsoft support page, the company recommended that users restart IE after installing the Fix it to avoid experiencing increased memory usage while browsing the web.

Share this article:

Sign up to our newsletters

More in News

New backdoor 'Baccamun' spreads through ActiveX exploit

Symantec researchers revealed that the backdoor is dropped after attackers exploit a Windows ActiveX vulnerability.

Outdated browsers put U.K. users at risk of malware

A blog post on Check and Secure website said 70 percent of U.K. users haven't fully updated their internet browsers

Survey: 53 percent change privileged logins quarterly

A Lieberman Software survey highlights the issue or poor password management, even among security pros.