BitDefender today has released an emergency update to shield users against the newly-discovered vulnerability in Internet Explorer versions 6 and 7. Microsoft has detailed the attack scenarios in security advisor #981374, announcing that a patch is being made in order to mitigate the vulnerability.
Users running Internet Explorer versions 6 and 7 can get infected by simply visiting a specially crafted web page that uses highly obfuscated JavaScript code to create a use-after-free error, such as a pointer being accessed after the deletion of an object.
Anatomy of the attack
Initially, the user is lured into visiting a specially crafted web link advertised either via spam messages or as posted on bulletin boards, social networks etc. The respective webpage contains JavaScript code obfuscated using the escape function. In order to bypass detection from various antivirus products, the script calls a secondary JavaScript that replaces a variable with the unescape string.
The decrypted result is actually the malicious payload which will trigger a heap spray attack and will write the malicious code into the browser’s User Data area, making it persistent: every time the browser starts, the malicious code is executed without any subsequent intervention (drive-by download), which will result in the automatic download of a file called either notes.exe or svohost.exe (detected by BitDefender as Gen:Trojan.Heur.PT.cqW@aeUw@pbb).
This approach is similar to the one that has been used in targeted attacks against 34 major corporations including Google™ and Adobe™.
Mitigating the risks
Microsoft announced that the exploit is already in the wild and that users will be provided with a fix as soon as possible. Since Internet Explorer 8 is not vulnerable to the attack, the next logical step would be to upgrade immediately.
See how Bitdefender modified the code to protect us from this vulnerability
In order to stay safe, BitDefender recommends that you download, install and update a complete antimalware suite with antivirus, antispam, antiphishing and firewall protection and to manifest extra caution when prompted to open files from unfamiliar locations.
Y to download bitdefender
we can download Firefox.. i think it is much saftier than IE…
.-= sudharsan @ technoskillonline´s last blog ..Badjuju just happened !? – Commentluv Problem solved =-.
i also thinks that firefox is much safe than IE and faster too. i have Google Chrome and Firefox both in my PC and i haven’t used IE since i downloaded Firefox and Chrome.
Microsofts products are a target for hackers all around the Globe. that’s why i am using Linux and use Firefox for browsing.
The power of open source.