Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Zero day exploit on IE and Adobe Reader leaves millions exposed

BitDefender UK : 19 January, 2010  (Technical Article)
BitDefender discovers zero-day exploits on Internet Explorer and Adobe Reader with the IE vulnerability already having been exploited in large scale cyber-attacks
BitDefender, an award-winning provider of innovative anti-malware security solutions, has discovered separate, critical zero-day exploits in two of the most heavily used applications in the world: Microsoft's Internet Explorer and Adobe Reader.

According to preliminary reports, the Internet Explorer vulnerability has already been used in targeted attacks against 34 major corporations including Google and Adobe. At the moment, Microsoft has released an advisory, but there is no patch available for this vulnerability. BitDefender has pushed an emergency update to users of its security products that intercepts and blocks the malicious code before it adversely impacts on the target system.

The Adobe flaw was initially discovered on December 14 and although the vendor pushed a patch on January 12 the vulnerability is still being exploited in the wild. BitDefender users have been protected since day zero, as the company issued proactive detection for the entire family of Trojans exploiting the PDF vulnerability.

Internet Explorer Threat Details:

Also known as CVE-2010-0249, the Internet Explorer zero-day exploit takes advantage of a memory corruption vulnerability affecting all versions of Internet explorer except for Internet Explorer 5.01 Service Pack 4 for Microsoft Windows 2000 Service Pack 4.

In order to successfully attack a target, the remote party needs to create a malicious web page containing the exploit, a flaw in Internet Explorer's handling of specific DOM operations. In order to lure users into visiting the compromised resource, the attacker may use e-mail spam, social networking spam or any other means of mass distribution available. As soon as the document gets processed, the malicious code injected into it would run in the context of the current user and would likely compromise the system. If the exploit fails, then the attack would trigger a denial-of-service condition.

Under specific conditions, Internet Explorer can be tricked into allowing remote code execution by accessing an invalid pointer after an object is deleted. Although all versions of Internet Explorer are vulnerable (Including IE8 on Windows 7), risks are lower for IE8 users, as it comes with DEP (data execution prevention) enabled by default.

Adobe Reader Threat Details:

Officially known as CVE-2009-4324, the vulnerability affects Adobe Reader and Acrobat 9.2 and earlier versions. Successful exploitation could cause crashes and allow a remote party to execute arbitrary code on the victim's computer, as well as to carry out cross-site scripting attacks.

The vulnerability exploits an error in the implementation of the "" JavaScript method, that is likely to corrupt memory when a specially crafted PDF file is run.

In order to stay safe, BitDefender recommends that you download, install and update a complete antimalware suite with antivirus, antispam, antiphishing and firewall protection and to exercise extreme caution when prompted to open files from unfamiliar locations. Users who are concerned they may have been exposed to these attacks can check for viruses on their computer for free with BitDefender's online scanner.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo