Posted by: Pez
« on: 23. September 2013., 08:51:48 »Product Coverage and Mitigation for CVE-2013-3893
Microsoft Security Advisory (2887505)
On September 17th, 2013, Microsoft published Security Advisory 2887505, which coverers a remote code execution vulnerability in all supported versions of Microsoft Internet Explorer. The flaw resides in the handling of objects in memory which have been deleted or improperly allocated. Specifically, a use-after-free flaw in the HTML rendering engine (aka mshtml.dll) can be used to invoke the vulnerable state.
This flaw is currently being exploited in limited and targeted attacks. Functional exploitation and malware artifacts have been identified in the wild.
Remediation / Mitigation
Microsoft
• Microsoft has released a Fixit Workaround to address this issue. A full patch is not yet released.
• Resources
• http://technet.microsoft.com/en-us/security/advisory/2887505
• http://blogs.technet.com/b/srd/archive/2013/09/17/cve-2013-3893-fix-it-workaround-available.aspx
McAfee Labs
The following McAfee products / content provide coverage
• McAfee Vulnerability Manager
• McAfee MVM / FSL Content Release of 9/18/2013
• McAfee Antivirus
• Coverage is provided in the 7204 DATs, released on 9/20/2013
• Name – Exploit-IE!heur
• McAfee Network Intrusion Prevention Systems (NIPS)
• UDS Emergency Release of 9/17/2013
• UDS signature attack ID 0x4510ef00
• Name=”UDS-HTTP: Microsoft Internet Explorer onlosecapture Use After Free Vulnerability
Original article: Friday, September 20, 2013 at 4:16pm by Jim Walter
Microsoft Security Advisory (2887505)
On September 17th, 2013, Microsoft published Security Advisory 2887505, which coverers a remote code execution vulnerability in all supported versions of Microsoft Internet Explorer. The flaw resides in the handling of objects in memory which have been deleted or improperly allocated. Specifically, a use-after-free flaw in the HTML rendering engine (aka mshtml.dll) can be used to invoke the vulnerable state.
This flaw is currently being exploited in limited and targeted attacks. Functional exploitation and malware artifacts have been identified in the wild.
Remediation / Mitigation
Microsoft
• Microsoft has released a Fixit Workaround to address this issue. A full patch is not yet released.
• Resources
• http://technet.microsoft.com/en-us/security/advisory/2887505
• http://blogs.technet.com/b/srd/archive/2013/09/17/cve-2013-3893-fix-it-workaround-available.aspx
McAfee Labs
The following McAfee products / content provide coverage
• McAfee Vulnerability Manager
• McAfee MVM / FSL Content Release of 9/18/2013
• McAfee Antivirus
• Coverage is provided in the 7204 DATs, released on 9/20/2013
• Name – Exploit-IE!heur
• McAfee Network Intrusion Prevention Systems (NIPS)
• UDS Emergency Release of 9/17/2013
• UDS signature attack ID 0x4510ef00
• Name=”UDS-HTTP: Microsoft Internet Explorer onlosecapture Use After Free Vulnerability
Original article: Friday, September 20, 2013 at 4:16pm by Jim Walter