New IE Zero Day is Actively Exploited In Targeted Attacks
Right after a week from September Patch Tuesday, Microsoft had to rush a “Fix It” workaround tool to address a new zero-day Internet Explorer vulnerability (CVE-2013-3893), which is reportedly being actively exploited in certain targeted attacks.
Once this , the attacker may corrupt the memory in such a way that could allow execution of arbitrary code in the context of logged-in user. To do so, an attacker must persuade its victim to browse an exploit-hosting website by way of phishing, spam or social networking sites. As per Microsoft Security Advisory (2887505), all IE versions (from version 6 to 11) are affected by this vulnerability.
Trend Micro Deep Security and Intrusion Defence Firewall (IDF) customers can use the following DPI rule to protect their hosts from attacks around (CVE-2013-3893):
- 1005689 – Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3893)
Users are also advised to make use of Microsoft’s “Fix It” workaround tool and avoid visiting unverified links, websites or open any email messages from unknown/dubious senders. We will update this blog once we have more information about this threat.