IE Zero-Day Flaw Affecting IE Version 7 through 10 in the Wild

While Microsoft is still working to patch the recently reported zero-day vulnerability targeting Microsoft Windows and Office products, another critical flaw has emerged.

Rod Trent

November 11, 2013

1 Min Read
IE Zero-Day Flaw Affecting IE Version 7 through 10 in the Wild

While Microsoft is still working to patch the recently reported zero-day vulnerability targeting Microsoft Windows and Office products, another critical flaw has emerged. The new security threat affects Internet Explorer versions 7 through 10.

Over the weekend, FireEye, a security platform provider, has submitted a report to their blog that digs into the details of the new liability.

FireEye reports:

This payload has been identified as a variant of Trojan.APT.9002 (aka Hydraq/McRAT variant) and runs in memory only. It does not write itself to disk, leaving little to no artifacts that can be used to identify infected endpoints.

Attacks can be blocked by installing the latest version of Microsoft's Enhanced Mitigation Experience Toolkit, as Microsoft has not yet officially publicized the newly reported vulnerability.

Be ready and read through FireEye's full explanation about the latest active attacks:

Operation Ephemeral Hydra: IE Zero-Day Linked to DeputyDog Uses Diskless Method

UPDATE

Microsoft has now stated publicly that they are aware of this vulnerability and have already prepared to release the fix as part of “Bulletin 3”, which will be released as MS13-090, as listed in the November Advanced Notification Service (ANS). The update will be available to rollout on November 12, 2013.

Read the full statement: ActiveX Control issue being addressed in Update Tuesday

About the Author

Rod Trent

Rod Trent

See more from Rod Trent
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

You May Also Like

Editor's Choice

the interface of the PowerShell search tool with a hand holding a magnifying glass on a background of a blue sky and clouds in the shape of gears
PowerShell
How I Built My Own PowerShell Multi-File Search Tool
How I Built My Own PowerShell Multi-File Search Tool

Oct 22, 2024

burnout gif featuring a mannequin surrounded by office technology on fire
Career Tips
Am I Burned Out? How To Identify and Address Burnout in IT
Am I Burned Out? How To Identify and Address Burnout in IT

Oct 24, 2024

MLOps
Ops and More
Choosing Between Cloud and On-Prem MLOps: What's Best for Your Needs?
Choosing Between Cloud and On-Prem MLOps: What's Best for Your Needs?

Oct 23, 2024

Exclusive ITPro Resources
See all ITPro Resources

Featured Technical Explainers

AI chip
Cloud Computing
Cloud vs. On-Prem AI Accelerators: Choosing the Best Fit for Your AI Workloads
Cloud vs. On-Prem AI Accelerators: Choosing the Best Fit for Your AI Workloads
SaaS concept on a tablet
Cloud Computing
Why SaaS Backup Matters: Protecting Data Beyond Vendor Guarantees
Why SaaS Backup Matters: Protecting Data Beyond Vendor Guarantees
DevOps logo on top of code
DevOps
DevOps: Key to Faster, More Efficient Government Software Development
DevOps: Key to Faster, More Efficient Government Software Development
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

Recent What Is

cartoon shows a person next to a checklist and several icons that represent disaster scenarios
Disaster Recovery
BCDR Basics: A Quick Reference Guide for Business Continuity & Disaster RecoveryBCDR Basics: A Quick Reference Guide for IT Pros
technology interface with a person's hand drawing gears and cogs
PowerShell
Introduction To PowerShell Environment VariablesIntroduction To PowerShell Environment Variables