728x90
Symantec is aware of reports of a zero-day vulnerability, Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2014-1776), that affects all versions of Internet Explorer.
Microsoft released a security advisory on a vulnerability in Internet Explorer that is being leveraged in limited targeted attacks. There is currently no patch available for this vulnerability and Microsoft has not, at the time of writing, provided a release date for one.
Our testing confirmed that the vulnerability crashes Internet Explorer on Windows XP. This will be the first zero-day vulnerability that will not be patched for Windows XP users, as Microsoft ended support for the operating system on April 8, 2014. However, Microsoft stated that its Enhanced Mitigation Experience Toolkit (EMET) 4.1 and above can mitigate this Internet Explorer vulnerability and is supported by Windows XP. Besides using EMET, Symantec Security Response encourages users to temporarily switch to a different Web browser until a patch is made available by the vendor.
Symantec protects customers against this attack with the following detections:
Bloodhound.Exploit.552
Web Attack: MSIE Use After Free CVE-2014-1776
We will update this blog with additional information as soon as it becomes available.
Update – April 28, 2014:
In order to mitigate Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2014-1776), Symantec provides the following recommendations.
Microsoft states that versions of the Enhanced Mitigation Experience Toolkit (EMET) 4.1 and above can mitigate this vulnerability in Internet Explorer. The toolkit is available for Windows XP users as well. If using EMET is not an option, users can consider mitigating the issue by unregistering a DLL file named VGX.DLL. This file provides support for VML (Vector Markup Language) in the browser. This is not required by the majority of users. However, by unregistering the library, any application that uses the DLL may no longer function properly. Also, some applications installed on the system may potentially re-register the DLL. With this in mind, the following one line of instruction can be executed to make the system immune from attacks attempting to exploit the vulnerability. This line of instruction can be used for all affected operating systems:
"%SystemRoot%\System32\regsvr32.exe" -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"
We have developed a batch file that can be used to perform the task for those who may be required to administrate large IT infrastructures.
Microsoft released a security advisory on a vulnerability in Internet Explorer that is being leveraged in limited targeted attacks. There is currently no patch available for this vulnerability and Microsoft has not, at the time of writing, provided a release date for one.
Our testing confirmed that the vulnerability crashes Internet Explorer on Windows XP. This will be the first zero-day vulnerability that will not be patched for Windows XP users, as Microsoft ended support for the operating system on April 8, 2014. However, Microsoft stated that its Enhanced Mitigation Experience Toolkit (EMET) 4.1 and above can mitigate this Internet Explorer vulnerability and is supported by Windows XP. Besides using EMET, Symantec Security Response encourages users to temporarily switch to a different Web browser until a patch is made available by the vendor.
Symantec protects customers against this attack with the following detections:
Bloodhound.Exploit.552
Web Attack: MSIE Use After Free CVE-2014-1776
We will update this blog with additional information as soon as it becomes available.
Update – April 28, 2014:
In order to mitigate Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2014-1776), Symantec provides the following recommendations.
Microsoft states that versions of the Enhanced Mitigation Experience Toolkit (EMET) 4.1 and above can mitigate this vulnerability in Internet Explorer. The toolkit is available for Windows XP users as well. If using EMET is not an option, users can consider mitigating the issue by unregistering a DLL file named VGX.DLL. This file provides support for VML (Vector Markup Language) in the browser. This is not required by the majority of users. However, by unregistering the library, any application that uses the DLL may no longer function properly. Also, some applications installed on the system may potentially re-register the DLL. With this in mind, the following one line of instruction can be executed to make the system immune from attacks attempting to exploit the vulnerability. This line of instruction can be used for all affected operating systems:
"%SystemRoot%\System32\regsvr32.exe" -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"
We have developed a batch file that can be used to perform the task for those who may be required to administrate large IT infrastructures.
728x90
'취약점 정보1' 카테고리의 다른 글
| 어도비 플레쉬 업데이트 안내 (0) | 2014.04.29 |
|---|---|
| Adobe Patches Exploited Flash Player Vulnerability (0) | 2014.04.29 |
| 2014-04-29 취약점정리 (0) | 2014.04.29 |
| 유무선공유기 관리자 페이지 보안설정권고 (0) | 2014.04.29 |
| ms ie 원격코드 실행 취약점 주의 (0) | 2014.04.28 |