Microsoft just released a patch for the new CVE 2013-3163, a critical memory corruption vulnerability in Internet Explorer. Attackers are exploiting this issue to escalate privileges and execute code with current user permissions; failed attacks will cause denial-of-service conditions, your PC will just stop working.
Microsoft Internet Explorer 8, 9, and 10 are affected. Intelligence from the underground hacking world shows that the exploit for this vulnerability is already public and exploited in the wild! Microsoft urged all customers to install the MS13-053 and MS13-055 updates as soon as possible.
The exploit code uses a memory corruption bug started from a webpage but what really happens is that the attack leverages a Flash SWF file in order to achieve reliable exploitation and code execution. The Flash file is made of a complex ActionScript code that assigns certain objects in memory in such a way that they can be corrupted later by the Internet Explorer bug, in order to give unsafe access to memory regions to the Flash ActionScript code that will carry on the entire exploitation.
[ads1]
Intrusion Detection and Prevention systems like Snort have already added rules to detect and block the attack.
[author image=” http://www.cybersecurityafrica.com/images/Mr.Mohammad.png”] Mohamad Amin Hasbini is a Senior Security Researcher with Kaspersky Lab, specialized in Cyber threats, Penetration testing, Malware landscape and Unix based open source systems and tools.
Regards,
Mohammad-Amin Hasbini
[/author]
