Zero-day exploit hits Internet Explorer

Researchers report code exploiting an unpatched flaw within Microsoft's Web browser one day after Patch Tuesday. It creates an XML tag, then waits 6 seconds to thwart antivirus engines.

One flaw not addressed in yesterday's Patch Tuesday is a heap overflow within the XML parser reported on Wednesday by Bojan Zdrnja of the SANS Internet Storm Center.

The exploit seen in the wild on Wednesday creates an XML tag, then waits 6 seconds in an attempt to thwart antivirus engines. The exploit could then crash the browser and run malicious code when the browser is restarted. It works only if the user is running Windows XP or Windows Server 2003 and using Internet Explorer 7.

Zdrnja writes that "at this point in time, it does not appear to be wildly used, but as the code is publicly available, we can expect that this will happen very soon."

A Microsoft representative said the company is "investigating new public claims of a possible vulnerability in Internet Explorer. Once we're done investigating, we will take appropriate action to help protect customers. This may include providing a security update through the monthly release process, an out-of-cycle update, or additional guidance to help customers protect themselves."

As for a workaround, Zdrnja suggests using a browser other than Internet Explorer. Microsoft says anyone who has been affected by this exploit can get help online or by calling the PC Safety hotline at 1-866-PCSAFETY.

About the author

    As CNET's resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security. Listen to his podcast at securitybites.cnet.com or e-mail Robert with your questions and comments.

     
