Internet Explorer Update Plugs a Vulnerability Duo

Severity: High

Summary:

  • These vulnerabilities affect: Internet Explorer 9 (IE 9)
  • How an attacker exploits them: By enticing one of your users to visit a malicious web page
  • Impact: An attacker can execute code on your user’s computer, often gaining complete control of it
  • What to do: Install Microsoft’s Internet Explorer 9 update immediately, or let Windows Automatic Update do it for you

Exposure:

During Patch Day, Microsoft released a security bulletin to fix two vulnerabilities in Internet Explorer 9 (IE9). The flaws only affect IE 9, and not previous versions of Microsoft’s popular browser.

Though the two flaws differ technically, they both stem from IE inappropriately accessing a previously deleted object. These sorts of invalid access vulnerabilities often result in memory corruptions, which attackers can expertly leverage to force code to execute on your computer, with your privileges.

So in short, if an attacker can lure you to a web site with specially crafted code, he can exploit this flaw to execute code on your computer. If you have local administrator privileges, the attacker gains complete control of your PC.

As an aside, hackers commonly target legitimate web sites and booby-trap them with malicious code, by exploiting various web application vulnerabilities. In other words, you can sometimes encounter these sorts of “drive-by download” attacks even while visiting trusted, legitimate web sites.

If you’d like to know more about the technical differences between these flaws, see the “Vulnerability Information” section of Microsoft’s bulletin.

Solution Path:

These updates fix serious issues. You should download, test, and deploy the appropriate IE 9 patches immediately, or let Windows Automatic Update do it for you. You can find links to the various IE updates in the “Affected and Non-Affected Software” section of Microsoft’s IE security bulletin. If you use IE 8 or below, you do not have to update.

For All WatchGuard Users:

These attacks travel as normal-looking HTTP traffic, which you must allow if your network users need to access the World Wide Web. Therefore, the patches above are your best solution.

That said, WatchGuard’s Gateway Antivirus and Intrusion Prevention Service can often prevent these sorts of attacks, or the malware they try to distribute. We highly recommend you enable our security services on your WatchGuard XTM and XCS appliances.

Status:

Microsoft has released patches to fix these vulnerabilities.

References:

This alert was researched and written by Corey Nachreiner, CISSP.

About Corey Nachreiner

Corey Nachreiner has been with WatchGuard since 1999 and has since written more than a thousand concise security alerts and easily-understood educational articles for WatchGuard users. His security training videos have generated hundreds of letters of praise from thankful customers and accumulated more than 100,000 views on YouTube and Google Video. A Certified Information Systems Security Professional (CISSP), Corey speaks internationally and is often quoted by other online sources, including C|NET, eWeek, and Slashdot. Corey enjoys "modding" any technical gizmo he can get his hands on, and considers himself a hacker in the old sense of the word.

2 Responses to “Internet Explorer Update Plugs a Vulnerability Duo”

  1. generate local traffic Reply September 27, 2014 at 10:32 pm

    This piece of writing gives clear idea for the new visitors of blogging, that
    genuinely how to do blogging and site-building.

Trackbacks/Pingbacks

  1. WatchGuard Security Week in Review: Episode 26 | WatchGuard Security Center - July 13, 2012

    […] IE update – WGSC […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: