Zero Day Vulnerability Not Addressed
Microsoft is preparing 8 updates for its November 12th “Patch Tuesday”. In an earlier article, we discussed Microsoft’s announcement of Zero Day vulnerability in a number of its software suites. Unfortunately these security issues will not be addressed by Microsoft this week. Microsoft continues to stand by the “work arounds” that they suggested last week.
When It Rains, It Pours
A couple of days ago it was revealed that the Zero Day Vulnerability has a new victim. The English versions of IE7 and IE8 in Windows XP and IE8 on Windows 7 have been verified and confirmed, though other versions of the software may be vulnerable to the Zero Day attacks as well. The organization that uncovered the vulnerabilities has released some of the details in an analysis report.
“The time stamp is sent back to the attacker’s server to choose the exploit with a ROP chain specific to that version of msvcrt.dll. This vulnerability affects Windows XP with IE 8 and Windows 7 with IE 9.”
ROP Chain stands for return-oriented programming. This is a method that works around security defenses by disguising executable code. It has also been found that this attack is actually an APT (Advanced Persistent Threat) that has been placed into a “strategically important website” that offers information about international and national security policies. Payload data was also delivered without writing to disk, a method designed to complicate network defenders’ ability to mitigate the affected systems. The size of the vulnerability and the actual web site have not been revealed as of yet.
This is just another event in a long and ongoing string of security risks caused by Microsoft’s Zero Day Vulnerability. If your organization does not have the proper IT Security measures in place, you may be vulnerable to attacks through the above mentioned sources, or other methods and means. We would recommend speaking to an expert to assess your current security risks and initiate appropriate planning to mitigate any security breaches.