
Microsoft Internet Explorer use-after-free Vulnerability

 

Systems Affected


Windows Server 2003 SP2
Windows Server 2003 x64 Edition SP2
Windows Vista SP2 and prior
Windows Vista x64 Edition SP2 and prior
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Server 2008 for 32-bit Systems SP2 and prior
Windows Server 2008 for x64-based Systems SP2 and prior
Windows 7 for 32-bit Systems SP1 and prior
Windows 7 for x64-based Systems SP1 and prior
Windows Server 2008 for Itanium-based Systems SP1 and prior
Windows Server 2008 for Itanium-based Systems SP2
Windows Server 2008 R2 for x64-based Systems SP1 and prior
Windows Server 2008 R2 for Itanium-based Systems SP1 and prior
Windows 8 for 32-bit and 64-bit Systems
Windows 8.1 for 32-bit and 64-bit Systems
Windows Server 2012
Windows Server 2012 R2
Windows RT
Windows RT 8.1

Component Affected
Internet Explorer 6, 7, 8, 9, 10, 11

Threat Level


High


Overview


A use-after-free vulnerability has been reported in Microsoft Internet Explorer which could allow a remote attacker to execute arbitrary code on a targeted system in the context of the current user of Internet Explorer.


Description


This vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. A remote attacker could exploit it by hosting a specially crafted website and convincing a user to view that site, for example through a link in an email message. Successful exploitation could allow the attacker to execute arbitrary code on the targeted system with the privileges of the logged-on user. Note: a proof of concept (PoC) exploit for this vulnerability is publicly available.


Impact


Remote code execution in the context of the current user. Because the attacker's code runs with the rights of the logged-on user, browsing from a non-administrative account limits what a successful exploit can do.

Solution/ Workarounds



Configure Enhanced Mitigation Experience Toolkit (EMET) 4.1/5.0 to protect Internet Explorer (iexplore.exe).
Disable the Flash plug-in in IE.
Set the Internet and Local intranet security zones to "High" to block ActiveX controls and Active Scripting in those zones.
Configure Internet Explorer to prompt before running Active Scripting, or to disable Active Scripting, in the Internet and Local intranet zones.
Enable Enhanced Protected Mode for Internet Explorer 11 and enable 64-bit processes for Enhanced Protected Mode.
Unregister VGX.DLL (re-register vgx.dll once the update is available).
Restrict access to VGX.DLL by modifying its ACL (revert to the previous ACL configuration once the update is available).
Avoid clicking links in email messages.
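The VGX.DLL, Enhanced Protected Mode and security-zone workarounds above can be applied, verified and later undone from an elevated PowerShell prompt. The script below is an added example written for this page; it is not a tool from Sri Lanka CERT|CC or Microsoft. The registry keys, zone numbers and value names it touches are the documented Windows locations, while the script name, the -Revert switch and the backup file path are this example's own choices. EMET and the Flash plug-in are not covered here and are configured through their own interfaces.

```powershell
# Added example for this advisory (not Sri Lanka CERT|CC or Microsoft code).
# Applies the interim workarounds on one host and, with -Revert, undoes them
# once the vendor update is installed. Run from an elevated 64-bit PowerShell.
# The script name (ie-workaround.ps1), the -Revert switch and the backup file
# location are this example's own choices.
param([switch]$Revert)

$backup = Join-Path $env:LOCALAPPDATA 'ie-zone-workaround.json'

# 1. vgx.dll (VML renderer). 64-bit Windows carries a 32-bit copy as well,
#    and IE tab processes can be either bitness, so handle both paths.
$vgx = @(
    "$env:CommonProgramFiles\Microsoft Shared\VGX\vgx.dll",
    "${env:CommonProgramFiles(x86)}\Microsoft Shared\VGX\vgx.dll"
) | Where-Object { $_ -notlike '\*' -and (Test-Path $_) } | Select-Object -Unique

# *S-1-1-0 is the well-known SID for Everyone; using the SID keeps the
# command working on non-English Windows where the group name differs.
foreach ($dll in $vgx) {
    if ($Revert) {
        & icacls $dll /remove:d '*S-1-1-0' | Out-Null   # drop the deny ACE
        & regsvr32 /s $dll                               # re-register VML
    } else {
        & regsvr32 /s /u $dll                            # unregister VML
        # Belt and braces: even if something re-registers the DLL, a deny
        # ACE for Everyone stops any process from loading it.
        & icacls $dll /deny '*S-1-1-0:(F)' | Out-Null
    }
}

# 2. Enhanced Protected Mode plus 64-bit tab processes (IE10/11). EPM runs
#    the tab in an AppContainer; 64-bit tabs give ASLR a far larger address
#    space, which makes heap spraying against a use-after-free much harder.
$ieMain = 'HKCU:\Software\Microsoft\Internet Explorer\Main'
if ($Revert) {
    Remove-ItemProperty -Path $ieMain -Name Isolation, Isolation64Bit -ErrorAction SilentlyContinue
} else {
    Set-ItemProperty -Path $ieMain -Name Isolation      -Value 'PMEM'
    Set-ItemProperty -Path $ieMain -Name Isolation64Bit -Value 1 -Type DWord
}

# 3. Security zones. Zone 1 = Local intranet, 3 = Internet.
#    Value 1200 = "Run ActiveX controls and plug-ins", 1400 = "Active
#    scripting"; data 0 = enable, 1 = prompt, 3 = disable.
$zones  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$wanted = @{ 1200 = 3; 1400 = 1 }   # block ActiveX, prompt before scripting
if ($Revert) {
    # Restore what was there before, not a guessed default.
    $saved = Get-Content $backup | ConvertFrom-Json
    foreach ($z in 1, 3) {
        foreach ($v in $wanted.Keys) {
            Set-ItemProperty -Path "$zones\$z" -Name $v -Value ([int]$saved."$z/$v") -Type DWord
        }
    }
    Remove-Item $backup -ErrorAction SilentlyContinue
} else {
    $saved = @{}
    foreach ($z in 1, 3) {
        foreach ($v in $wanted.Keys) {
            $cur = Get-ItemProperty -Path "$zones\$z" -Name $v -ErrorAction SilentlyContinue
            $saved["$z/$v"] = if ($cur) { [int]$cur."$v" } else { 0 }
            Set-ItemProperty -Path "$zones\$z" -Name $v -Value $wanted[$v] -Type DWord
        }
    }
    $saved | ConvertTo-Json | Set-Content $backup
}

# 4. Print the resulting state so the change can be verified or audited.
foreach ($dll in $vgx) {
    $deny = (Get-Acl $dll).Access | Where-Object { $_.AccessControlType -eq 'Deny' }
    '{0}: deny ACEs = {1}' -f $dll, @($deny).Count
}
Get-ItemProperty -Path $ieMain | Select-Object Isolation, Isolation64Bit
foreach ($z in 1, 3) {
    Get-ItemProperty -Path "$zones\$z" | Select-Object @{n = 'Zone'; e = { $z }}, '1200', '1400'
}
```

Run `.\ie-workaround.ps1` to apply the workarounds and `.\ie-workaround.ps1 -Revert` after the vendor update has been installed. Two caveats: unregistering or denying access to vgx.dll removes VML rendering for every application that depends on it, not only Internet Explorer; and the Enhanced Protected Mode and zone settings live under HKCU, so they must be applied for each account that browses (or pushed to the same values through Group Policy) rather than once per machine.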


References


http://www.kb.cert.org/vuls/id/222929


Disclaimer


The information provided herein is on "as is" basis, without warranty of any kind.



© Copyright Sri Lanka CERT|CC. All Rights Reserved.