Zero-day Internet Explorer 9 and 10 is actively exploited




A zero-day vulnerability in Internet Explorer 9, and 10 are actively exploited, and focuses on U.S. veterans, found a U.S. security. In addition, security measures are circumvented in Windows.

Internet Explorer 10 logo (75 pix) Security researchers from FireEye came vulnerability and associated exploits on the track. A Microsoft spokesman late Ars Technica know that both Internet Explorer 9 and 10 is susceptible to the attack, therefore he must be Flash installed. Internet Explorer 11, the latest version of Microsoft’s Web browser is not open. According to StatCounter IE9 and 10 have a combined market share of 8 percent.

The vulnerability could be exploited for a drive-by download attack on a website for American veterans. Such an attack is through a hole in the software installed unnoticed code as a website is visited. In this case, the exploit was served via an iframe, after malware was installed. How the attackers have cracked the website is unclear. According to FireEye were the attackers who exploit the vulnerability rather behind other zero days.

The exploit uses a bug where code is executed when bytes are written to memory that is freed: A use after free bug . In addition to address space layout randomization and data execution prevention circumvented. These security measures are exploits that are on the internal memory pointing to counter.

Bypassing pat, which should avoid writable memory is performed, was done by using. Return-oriented programming In addition, the existing machine instructions of a program executed in a specific order chosen by the attacker, which he can compose his own code.

ASLR, which provides random memory addresses to make it more difficult to bypass certain parts of memory was bypassed using Flash ActionScript. Once the exploit has been made possible, access to memory is malware downloaded. These include the ZxShell backdoor.


In: Technology & Gadgets Asked By: [15459 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »