SecureState Blog

Read SecureState's award winning blog.

Microsoft has recently issued a security advisory for a remote code execution vulnerability with Internet Explorer 6-8.  As stated by Microsoft, this vulnerability may corrupt memory in a way that could potentially allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer.

“The IE team is working around the clock to develop a security update to address this vulnerability for earlier versions of the product,” Microsoft stated. “However, until the update is available, customers using Internet Explorer 8 can block the current targeted attacks by introducing changes to disrupt any of the elements of the exploit.”

These changes involve disabling the following:

  • Javascript
  • Flash
  • MS-Help Protocol Helper
  • Java6

“Disabling Javascript will prevent the vulnerability from being triggered initially. Disabling Flash will prevent the ActionScript-based heap spray from preparing memory such that the freed object contains exploit code. Disabling the MS-Help protocol handler AND ensuring that Java6 is not allowed to run will block the ASLR bypass and the associated ROP chain.”

SecureState ultimately recommends that individuals upgrade to Internet Explorer9-10, as these versions are not affected.  Users can also opt to use a different browser, such as Mozilla Firefox or Google Chrome for example.  Current statistics from w3counter show that at least 14.03% of Web Browsers used are affected by the vulnerability.  *Note this statistic does not include Internet Explorer 6.

Threat Watch