Feeds

back to article Internet Explorer bug patched only a week ago now being exploited

Hackers have latched onto a vulnerability in Internet Explorer patched by Microsoft last week as a useful way to spread malware. The vulnerability is CVE-2012-1875 – which was patched in MS12-037 as part of the June edition of Microsoft's Patch Tuesday – and it is being exploited in the wild. Attacks are typically delivered by …

COMMENTS

This topic is closed for new posts.
Silver badge

It does worry me, not that people are still finding bugs in IE, but that those bugs are so prevalant and easy to find, and nobody has bothered to actual fix the cause (not just patch the resulting symptom).

Use-after-free = we don't track variable state / memory handling properly and could crash your browser in a second even in normal use.

ASLR = defeated by making IE load an "old" pre-ASLR DLL (why do those still exist, and why don't their addresses get randomised by some wrapper for them?)

DEP = defeated by putting "jmp" statements into the data area (instead of literal code) that call into executable memory which does the actual work instead. (Why is this allowed and why does the "jmp" not get classed as an execution in a data area too?)

3
1
Anonymous Coward

chrome anyone?

or firefox, opera, safari.

Honestly I'd even consider Midori better than IE.

4
4
Happy

Re: chrome anyone?

I believe that copious amounts of midori are required before the use of IE

1
0
Bronze badge
FAIL

Re: chrome anyone?

You are deluded if you are replacing IE blindly with Chrome because IE is so vulnerable.

Let's check what Secunia says about these browsers for this year, shall we?

IE9 - 22 vulnerabilities this year - 53 vulns since IE9 was introduced 14 months ago.

Chrome (versions 17-19 released this year, I'm not gonna dig further) - I counted 117 vulnerabilities though some may be duplicates.

Safari 5.x - 90 vulns this year, 303 vulnerabilities since its introduction 2 years ago. Nice!

Firefox (versions 10 - 13 releases this year, I'm not gonna dig further) - 40 vulnerabilities.

Opera - I counted 12 vulnerabilities.

I didn't know of Midori's existence before your message. Tried it and it's more bloated than Opera (disk space wise). Needs more polishing and an installer as well.

I understand replacing IE because it's slow or clunky to use or doesn't feature your favorite plugins but it doesn't seem more exploitable than Chrome, Safari or Firefox. Please prove me wrong if you can.

7
2

Re: chrome anyone?

"I understand replacing IE because it's slow or clunky to use or doesn't feature your favorite plugins but it doesn't seem more exploitable than Chrome, Safari or Firefox. Please prove me wrong if you can."

Not all vulnerabilities are the same; there are many different classes of vulnerability, with different implications. For example, a vulnerability that crashes the browser may present a denial-of-service problem, but it's rather different than a vulnerability that allows arbitrary code execution with administrator privileges.

Part of what makes IE so nasty is that arbitrary-code problems often end up running as root, rather than running in userland. That's not the case with other browsers.

1
0

This post has been deleted by its author

Bronze badge

Re: chrome anyone?

"Not all vulnerabilities are the same"

True. Relying again on Secunia reports for year 2012 on the browsers that were recommended by the AC:

Chrome - multiple 'highly critical' vulnerabilities that provide at least 'system access'.

IE9, Safari, Opera, FF - ditto. Firefox 12 also had a vulnerability allowing privilege escalation.

All browsers seem to be at parity here.

"Part of what makes IE so nasty is that arbitrary-code problems often end up running as root, rather than running in userland. That's not the case with other browsers."

Care to elaborate this claim? According to Secunia IE6 thru IE9 has had zero privilege escalation bugs. Windows has had multiple privilege escalation bugs which are exploitable with any browser that has had a vulnerability that allows system access (on user space)

0
0
Gold badge

Those legitimate websites

"Attacks are typically delivered by JavaScript code embedded in websites, some of which are actually legitimate."

I assume you mean to imply that the website is owned by someone with no hostile intent but it has been taken over by someone less friendly. The notion of a "legitimate yet unsafe" website is oxymoronic.

1
0
Anonymous Coward

Re: Those legitimate websites

How about Google serving malware laced ads, it happened to a friend of mine, who only allowed Google sourced sites to execute scripts and he got rooted.

1
2

Re: Those legitimate websites

Pretty much any website that serves up advert banners can be susceptible, if the advert is malicious.

1
0
Silver badge

Bah!

It was extremely stupid of Microsoft to patch IE as a way of spreading malware.

1
0
Anonymous Coward

Re: Bah!

Microsoft once released a patch that caused PCs infected with a particular rootkit (TDSS) to crash. To solve the problem they stopped the patch being installed on infected PCs. The rootkit author then updated the software so that Microsoft could then apply the patch to those machines as well.

Although Microsoft could detect infected machines to prevent the patch being installed they made no attempt to inform the user about the rootkit. They were, in effect, working with the malware authors.

2
0
This topic is closed for new posts.