Microsoft issues temporary fix for IE zero-day targeting service members
Microsoft has released a temporary solution to prevent exploitation of a new zero-day vulnerability in Internet Explorer (IE).
On Wednesday, the tech giant provided the “Fix it,” nearly a week after news surfaced about limited attacks leveraging the vulnerability.
Last Thursday, researchers at FireEye revealed that a U.S. veterans website was compromised to serve the zero-day exploit, and that attackers likely launched the campaign to steal intel from military service members. In the attack campaign, dubbed “Operation SnowMan,” the booby-trapped site was ultimately used to infect visitors with a backdoor used for cyber espionage.
In a Wednesday security advisory, Microsoft said that it was aware of “limited, targeted attacks” that attempted to exploit the vulnerability (CVE-2014-0322), which impacts IE 9 and 10, but not IE 11 users.
The company also provided further details on the security issue.
“The vulnerability is a remote code execution vulnerability [which] exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated,” the advisory said. “The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website,” the advisory added, describing potential attack vectors.
On a Microsoft support page, the company recommended that users restart IE after installing the Fix it to avoid experiencing increased memory usage while browsing the web.