Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Internet Explorer zero-day vulnerability


Posted: 18 Sep 2012 06:13 AM | Patrik Runald | 4 comment(s)


A new vulnerability found in Microsoft Internet Explorer affects Internet Explorer versions 6, 7, 8, and 9. The vulnerability allows attackers to execute code on a machine by just having the user visit a malicious website. This can happen, for example, when the user is tricked into clicking a link in an email or via compromised legitimate websites.

 

 

The vulnerability itself lies in the way that Internet Explorer accesses an object that has been deleted or not properly allocated. The vulnerability has now been listed by Metasploit, which means exploit code for it is publicly available, and we anticipate that it will soon be used in broader attacks. More information about the vulnerability can be found in Microsoft Security Advisory 2757760.

 

We have released updates to the real-time analytics of ACE™, our Advanced Classification Engine, which means that Websense customers are protected. As a member of the Microsoft Active Protection Program (MAPP), we are also working with Microsoft to monitor this situation.

 

UPDATE:

On Friday, September 21, 2012, Microsoft released an out-of-band patch, MS12-063, to address this vulnerability. The above vulnerability, documented as CVE-2012-4969, was addressed along with 4 other vulnerabilities affecting Internet Explorer. We recommend that you apply this patch to your environment as soon as possible.



Comments

Colin Williams said on Thursday, September 20, 2012 6:04 AM

Great that you have this addressed and that it is in the Websense blog – but it doesn’t show if you use “2757760” in a search on the blog archives!

Chetan Lakhani said on Monday, September 24, 2012 12:54 AM

As per Microsoft Advisory technet.microsoft.com/.../2757760, an Internet Explorer vulnerability was found in current IE versions and could allow remote code execution, as per the article below. The Websense blog guaranteed that it has already been taken care of and protected.

community.websense.com/.../internet-explorer-zero-day-vulnerability.aspx

We want to ensure that we are protected as per the above Websense blog.

Kindly provide your confirmation in regard to the same ASAP.

Patrik Runald said on Wednesday, September 26, 2012 2:23 PM

Yes, Websense Security Gateway and Cloud Web Security customers are protected with the real-time analytics in ACE.

Patrik Runald said on Wednesday, September 26, 2012 3:11 PM

@Colin, fixed now. Thanks for letting us know!

