Editorial Staff
All the versions of the Internet Explorer seem to be suffering by a vulnerability that is being used for limited exploitation of the web as revealed by Microsoft. The browsers are still under investigation and the action that would be taken has not been made clear. The vulnerability has been found to exist in 6 – 11 versions of the browser. However except the server core, all the versions of the windows have been affected by this. This “use after free” attack comes into action after the memory from the browser objects has been released. The version of the windows server that runs the IE under the enhanced security configuration by default cannot be exploited through this vulnerability unless the affected site comes under the trusted sites zone of the IE. The FireEye research firm pointed out this vulnerability to Microsoft.
According to the FireEye, even though the vulnerability affects all the versions, the 9, 10 and 11 versions are particularly affected. Both the Address Space Layout Randomization (ASLR) and Data Execution prevention (DEP) are bypassed in this attack. The Adobe Flash SWF file is used for the heap manipulation by means of a technique “heap feng shui”. This means that the systems which do not have the flash installed on them are not prone to exploitation. Versions 10 and 11 have flash embedded so by default they are vulnerable. This vulnerability can be secured to some extent by using EMET i.e., the Enhanced Mitigation Experience Toolkit.
Mohith Agadi
Gollapalli Nithin Kumar
