Friday, November 24, 2017
Home / Security / Exploits / Microsoft IE Zero-day Exploited in the Wild

Microsoft IE Zero-day Exploited in the Wild

Microsoft has announced the existence of a zero-day vulnerability (CVE-2013-3893) in its browser, Internet Explorer. Windows browsers IE 8 and IE 9 are both affected by a serious zero-day vulnerability recently being utilized in attacks.

Microsoft confirmed that the defect was unknown prior to the attacks and they are

Internet Explorer 7
Internet Explorer 7 (Photo credit: Wikipedia)

now working on an official patch to protect their customers browser’s.

The official advisory issued today describes the IE zero-day vulnerability as a remote bug that could be exploited by hackers and install malware on the victim’s machine via a malicious link.

“The vulnerability is a remote code execution vulnerability. The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.”

Zero-day vulnerability in the browsers are by far the worst for home users and the possible risks associated with its exploitation, victims could be infected at any time.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Silent OS 3.0 for Blackphone Completely revamped

Version 3.0 migrates Silent OS to Android Marshmallow 6.0.1 and delivers the Android safety patch …