Microsoft has issued a security warning about a new zero-day vulnerability that could allow remote code execution in its IE browser. This vulnerability affects versions 6 through 8.
From their security advisory page: "The vulnerability exists due to an invalid flag reference within Internet Explorer. It is possible under certain conditions for the invalid flag reference to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution."
There are several factors that could mitigate this particular attack.
First, enable Data Execution Protection (DEP) in the browser (it is on by default in version 8). "DEP, a feature first implemented in 2005, prevents the exploit from executing successfully, said Wolfgang Kandek, chief technology officer at security firm Qualys".
Secondly, using protected mode in "Internet Explorer on Windows Vista and later Windows operating systems helps to limit the impact of the vulnerability as an attacker who successfully exploited this vulnerability would have very limited rights on the system."
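The post names two mitigations but not how to confirm they are in place. The following PowerShell script is an added example, not part of the original post or of Microsoft's advisory: it reads the installed IE version, the system-wide DEP policy exposed by the `Win32_OperatingSystem` WMI class, and the per-zone Protected Mode setting. The registry value name `2500` used for Protected Mode is an assumption about where IE stores that setting; the `Version` property under the IE key and the WMI properties are standard.

```powershell
# Added example (not from the original post): checks whether the two mitigations
# the post describes (DEP and Protected Mode) are in place on a Windows host.

function Get-IEVersion {
    # IE 6-8 record their version string under this key.
    $key = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer'
    (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).Version
}

function Get-DepPolicy {
    # Win32_OperatingSystem exposes the system-wide DEP policy:
    # 0 = AlwaysOff, 1 = AlwaysOn, 2 = OptIn (client default), 3 = OptOut
    $os = Get-WmiObject -Class Win32_OperatingSystem
    $policyName = 'Unknown'
    switch ($os.DataExecutionPrevention_SupportPolicy) {
        0 { $policyName = 'AlwaysOff' }
        1 { $policyName = 'AlwaysOn' }
        2 { $policyName = 'OptIn' }
        3 { $policyName = 'OptOut' }
    }
    [pscustomobject]@{
        HardwareDepAvailable = $os.DataExecutionPrevention_Available
        Policy               = $policyName
    }
}

function Get-ProtectedModeStatus {
    # Assumption: IE stores Protected Mode per security zone as DWORD "2500"
    # (0 = enabled, 3 = disabled). Zones: 1 = Intranet, 2 = Trusted, 3 = Internet, 4 = Restricted.
    $base = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
    foreach ($zone in 1..4) {
        $props = Get-ItemProperty -Path "$base\$zone" -ErrorAction SilentlyContinue
        $raw = $props.'2500'
        $state = 'NotSet'
        if ($null -ne $raw) {
            if ($raw -eq 0) { $state = 'Enabled' } else { $state = 'Disabled' }
        }
        [pscustomobject]@{ Zone = $zone; ProtectedMode = $state }
    }
}

$ver = Get-IEVersion
Write-Host "Internet Explorer version: $ver"
if ($ver -and [int]$ver.Split('.')[0] -le 8) {
    Write-Host 'Installed major version is in the affected range (6-8); checking mitigations.'
}
Get-DepPolicy | Format-List
Get-ProtectedModeStatus | Format-Table -AutoSize
```

Protected Mode only exists on Windows Vista and later, so on XP the zone values will read as NotSet regardless of the IE version; a DEP policy of AlwaysOn or OptOut covers IE without any per-browser setting, while OptIn relies on IE 8's own opt-in, which is why the advisory calls DEP out separately for older versions.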