Zero-Day Exploits On IE7 Could Spread To Other Microsoft Browsers

IE5, IE6, and the IE8 beta are also potentially vulnerable, software giant says



The zero-day vulnerability in Internet Explorer 7 can also be found in other versions of the Microsoft browser, but exploits can be avoided through a series of workarounds, Microsoft said yesterday.

The zero-day vulnerability reported last week has led to exploits that are still in the wild, confirmed in a security bulletin issued yesterday. Although the attacks so far have been only against versions of IE7, Microsoft also conceded that IE versions 5, 6, and the 8.2 beta are also potentially vulnerable.

"The vulnerability exists as an invalid pointer reference in the data binding function of Internet Explorer," Microsoft says. "When data binding is enabled (which is the default state), it is possible under certain conditions for an object to be released without updating the array length, leaving the potential to access the deleted object's memory space. This can cause Internet Explorer to exit unexpectedly, in a state that is exploitable."

Attacks that exploit the vulnerability continue, and there are likely to be more, Microsoft says. "Current trending indicates that there may be attempts to utilize SQL injection attacks against Websites to load attack code on those Website," the company says. Microsoft is recommending a series of "workarounds" that are designed to prevent the attacks:

  • Protected Mode in Internet Explorer 7 and Internet Explorer 8 Beta 2 in Windows Vista limits the impact of the vulnerability.

  • By default, Internet Explorer on Windows Server 2003 and Windows Server 2008 runs in a restricted mode known as Enhanced Security Configuration. This mode sets the security level for the Internet zone to High.

  • An attacker who successfully exploits this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.

  • Currently known attacks cannot exploit this issue automatically through e-mail, Microsoft says.

Several reports indicate that the vulnerability was accidentally published by researchers in China, but most experts agree that the flaw was already known by many hackers before the error occurred.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Copyright © 2020 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service