Microsoft issues temporary fix for IE zero-day targeting service members

Share this article:
U.S. Department of Labor website was serving zero-day Internet Explorer 8 exploit
U.S. Department of Labor website was serving zero-day Internet Explorer 8 exploit

Microsoft has released a temporary solution to prevent exploitation of a new zero-day vulnerability in Internet Explorer (IE).

On Wednesday, the tech giant provided the “Fix it,” nearly a week after news surfaced about limited attacks leveraging the vulnerability.

Last Thursday, researchers at FireEye revealed that a U.S. veterans website was compromised to serve the zero-day exploit, and that attackers likely launched the campaign to steal intel from military service members. In the attack campaign, dubbed “Operation SnowMan,” the booby trapped site was ultimately used as a means of infecting visitors with a backdoor used for cyber espionage purposes.

In a Wednesday security advisory, Microsoft said that it was aware of “limited, targeted attacks” that attempted to exploit the vulnerability (CVE-2014-0322), which impacts IE 9 and 10, but not IE 11 users.

The company also provided further details on the security issue.

“The vulnerability is a remote code execution vulnerability [which] exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated,” the advisory said. “The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website,” the advisory said of potential attack vectors.

On a Microsoft support page, the company recommended that users restart IE after installing the Fix it to avoid experiencing increased memory usage while browsing the web.

Share this article:

Sign up to our newsletters

More in News

AOL Mail hack furthers spam campaign using spoofed accounts

AOL confirmed on Monday that it was aware of the issue and working to remediate the situation.

Backdoors in Wi-Fi routers, said to be closed, can be reopened

Backdoors in Wi-Fi routers, said to be closed, ...

Although said to be patched, researcher Eloi Vanderbeken discovered during the Easter holiday that backdoors existing in certain wireless routers can be reactivated.

Apple ships Mac OS X updates, fixes several code execution bugs

Apple ships Mac OS X updates, fixes several ...

Among the addressed vulnerabilities, was a bug affecting WindowServer, which could allow an attacker to execute malicious code outside the sandbox.