Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: New IE zero-day attack reported

09 Nov 2013   #1
Microsoft MVP

64-bit Windows 8.1 Enterprise
 
 
New IE zero-day attack reported

Quote:
Researchers at network security company Fireeye have identified a zero-day exploit of Internet Explorer on a breached web site.

The specific exploit targets the English versions of Internet Explorer 7 and 8 on Windows XP and IE8 on Windows 7. FireEye says their analysis indicates that the vulnerability behind it affects IE 7, 8, 9 and 10.

FireEye does not say if IE10 on Windows 8 is affected or if they examined IE11.

There are two vulnerabilities involved in the attack: the first is an information disclosure vulnerability which the exploit uses to retrieve the timestamp from the PE headers of msvcrt.dll (part of the Microsoft Visual C++ runtime). The second is an IE out-of-bounds memory access vulnerability, used to achieve code execution.
Read more at: New IE zero-day attack reported | ZDNet

My System SpecsSystem Spec
.

11 Nov 2013   #2
NoN

Windows 7 Professional SP1 - x64 [Non-UEFI Boot]
 
 

From FireEye blog:
Quote:
Shellcode
This exploit has a large multi-stage shellcode payload. Upon successful exploitation, it will launch rundll32.exe (with CreateProcess), and inject and execute its second stage (with OpenProcess, VirtualAlloc, WriteProcessMemory, and CreateRemoteThread). The second stage isn’t written to a file as with most common shellcode, which usually downloads an executable and runs it from disk.
In Windows 7, MSCONFIG could help by loading only the necessaries services at start-up in order to stop the rundll32.exe being created. Or disable prefechter and superfetch the time it got fixed..
My System SpecsSystem Spec
Reply

 New IE zero-day attack reported




Thread Tools



Similar help and support threads for2: New IE zero-day attack reported
Thread Forum
DDoS Attack, Changed IPs Still Under Attack System Security
BF3 under attack Gaming
Solved Am I under attack? System Security
MAC Attack System Security
New SSL attack. Security News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 01:04 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33