United States
Web App Attacks: Sneaking in the Front Door
WatchGuard Technologies, Inc.
WatchGuard Technologies, Inc.
ProductsPartnersSupportAbout UsHow to BuySearchProfile
 
Products  

Security Articles

Video Tutorials

WatchGuard Feeds

WatchGuard Wire

Radio Free Security

White Papers

Case Studies

Network Security Glossary

WatchGuard Wire
Improve Your Security IQ

Upgrade to IE 8 to avoid new zero day vulnerability

9 March, 2010 -- During yesterday's Patch Day, Microsoft also released a security advisory giving customers an early warning about a zero day vulnerability that affects Internet Explorer (IE) 6 and 7. The flaw does not affect IE 8. 

According to the advisory, IE 6 and 7 suffer from an invalid pointer reference vulnerability, which is a memory-related flaw that attackers can leverage to inject and execute code on a victim computer. By enticing you to a specially crafted web page, an attacker can exploit this flaw to execute code on your computer with your privileges. If you have local admin privileges, the attacker gains complete control of your PC.

Making matters worse, Microsoft discovered this flaw because attackers are already exploiting it in the wild. Microsoft claims they have only seen the flaw exploited in "targeted' attacks, but they say the same thing for every zero day attack. It's still unclear how wide-spread this exploit really is.

Since this flaw was discovered in the wild, Microsoft has no patch yet. However, the flaw only affects IE 6 and 7. IE 8 is not affected. If you use IE 8, you're safe. If you don't, I would recommend you consider upgrading. Nonetheless, I do expect Microsoft to patch this flaw on a future Patch Day, and will inform LiveSecurity customers when they do.

On a separate topic, Microsoft also released a second security advisory yesterday that was not specifically about any security vulnerability. Instead, the advisory described a non-security related update that includes a new Windows feature called Extended Protection for Authentication. Essentially, this new feature makes it harder for attackers on your local network to steal Windows credentials as they pass over your network. I recommend you consider this update, and if you are interested check out this advisory. -- Corey Nachreiner, CISSP

Copyright© 2010 WatchGuard® Technologies, Inc. You may copy and distribute this article freely in any medium as long as you copy and distribute the entire article without change and preserve this copyright statement and notice.