Site icon Emsisoft | Cybersecurity Blog

Warning: Internet Explorer Zero Day CVE-2014-1776


A new zero day vulnerability that allows for remote execution of malicious code through Internet Explorer 6-11 is currently being exploited in the wild. Infection can occur simply by browsing to a malicious website.

How to Stay Protected

Zero day CVE-2014-1776  currently affects Internet Explorer, versions 6-11. Over 26% of Internet users utilize one of these browsers. If this includes you, your computer is vulnerable to remote execution of malicious code. Microsoft has yet to release an official fix for CVE-2014-1776, but if you are affected there are still a number of things you can do.

Any one of these actions will protect you from becoming the victim of a zero day attack.

Details About this Threat

Microsoft released an official statement on CVE-2014-1776 this Sunday. The statement contains detailed steps to threat mitigation and also acknowledges researchers at FireEye for discovering the vulnerability’s usage in active, in-the-wild, targeted attacks against users running IE 9-11.

Research indicates that CVE-2014-1776, otherwise known as “Operation Clandestine Fox,” utilizes vector markup language in Adobe Flash to bypass address space layout randomization (ASLR) and data execution prevention (DEP), in order to allow attackers to infect their targets with malware. ASLR and DEP are specifically included in Internet Explorer as security measures, however this is not the first time they have been bypassed via Flash. In fact, the technique was recently used in a February zero day, known as Operation GreedyWonk

Additionally, research indicates that Operation Clandestine Fox is part of a larger malware campaign instigated by what is called an Advanced Persistent Threat group, or an APT. APTs use malware to specifically target governments or financial institutions. As yet, Clandestine Fox has only been observed in a few targeted attacks against such targets, however in the coming days copycat campaigns against everyday Internet users are likely to emerge. For this reason, Emsisoft recommends taking one of above listed steps to stay protected immediately. Users who require help are encouraged to contact our experts at Emsisoft Support for free technical assistance.

Users running Windows XP should also note that this is the first major vulnerability to affect the operating system that will never be patched.

Have a Great (Zero-Free) Day!

 

Emsisoft Enterprise Security + EDR

Robust and proven endpoint security solution for organizations of all sizes. Start free trial

Update: Microsoft Issues Emergency Patch, Even for XP

Exit mobile version