On the 14th, Microsoft issued an advisory of a vulnerability in Internet Explorer. Nothing extraordinary, if not for the impact and consequences that this vulnerability has had in the computer world. As evidence of these consequences, we find the theft of information a company like Google . And it is only a sample. The actual impact could be higher.
This bug, which affects all versions of Internet Explorer allows malicious code execution when visiting pages containing the exploit. Here, Analyze and explain how the exploit works and what were the effects that caused .
How does the exploit? What are its effects?
The vulnerability in Internet Explorer is not very complex. It is a vulnerability caused by a invalid reference to a pointer , ie when the pointer (a variable which points to a memory address) points to a wrong place, either because it does not belong to a program or had been previously released.
The latter is what causes the vulnerability in Internet Explorer. Deleting an object, and under certain conditions, you can access the pointer to that object. With a prepared code (exploit) Internet Explorer may execute remote code when trying to access the object deleted with that pointer. The code, in the case of the exploit used in the attack on Google, download a program responsible for opening a backdoor in the computer by which the attacker can gain access to that computer.
Its effects depend on what the program downloaded. This is what makes the vulnerability is serious: possibility of execution of any malicious code on the victim’s computer . Thus, the exploit can do anything, since you simply close your browser to take full control of your computer, going to install spyware or adware.
Who have suffered or may suffer from this vulnerability?
The principal challenge has been attacked by this vulnerability has been Google , as part of a very complex cyber attack aimed at theft of information to large corporations , and linked to China, thanks to research from Google .
In principle, the exploit code was unknown. But, according to research from McAfee, has been published on the internet , giving possibility to large-scale attacks against users who use the affected versions of Internet Explorer, we can see in the following table:
What has been the reaction to the vulnerability?
Several agencies and authorities have responded to the emergence of this vulnerability. McAfee, Google’s partner in research, has launched “Operation Dawn” for alert and warn users about the vulnerability . Meanwhile, Germany and France discourage the use of Internet Explorer until it resolves the vulnerability.
For its part, Microsoft has released security advisory and has released a patch for all versions Internet Explorer on the supported operating systems. He has also published a webcast answering questions from customers.
In addition, the occurrence of this failure has triggered the download of alternative browsers , increasingly so in countries like Germany where, as we see in the chart, Firefox downloads for IE users have been 300,000 more of the would be expected.
How do I protect the vulnerability?
The protection is easy: Visit only trusted sites, maintain the security software (firewall and antivirus) updated , set the security level of Internet Explorer up and activate the DEP where possible . It is also advisable to use alternative browsers , like Firefox, Opera, Chrome or Safari, or to upgrade to the latest version from Internet Explorer to minimize damage.
What conclusions can we draw from this?
The most obvious, is that many people in the computer world have repeated ad nauseam: the insecure Internet Explorer 6 . Probably this bug had stayed in a story if not for the many users who are still using version 6 of the browser, the less protected against this vulnerability *.
You can see how Microsoft patches only published when the vulnerability is made public, since, according to his blog, were aware of it since September , and is not now, after the attack on Google and the publishing of the writ, when they released the patch. This shows a lack of attention and commitment to users between Microsoft developers.
In this connection, we see the McAfee importance of working with Microsoft on the discovery and settlement of the failure , despite having created the “Operation Dawn” for a very informative advertising that something inappropriate in my opinion view.
And finally, in all this mess we have seen how something as relatively simple as a browser vulnerability has resulted in a two very important facts . One of Google’s new approach to China after the attacks, which will probably end up being withdraw from that country . And two, the recommendation of several countries not using Internet Explorer, which provides a heavy blow to the browser, at least in the version 6 , and promotes alternatives such as Opera, Firefox or Chrome.
More info | Microsoft Technet, McAfee Security Insights Blog and MSRC
Image | McAfee and Mozilla
Get a Gravatar
Why don't you make one?