IE zero-day actively being exploited in the wild: Rapid7

IE zero-day actively being exploited in the wild: Rapid7

Summary: Criminals are actively abusing the zero-day vulnerability found in Internet Explorer, with exploit code now being found in the wild.

SHARE:
13

Businesses running Internet Explorer should consider taking better precautions now that code to exploit a recently discovered zero-day vulnerability in the browser is making the rounds.

According to Rapid7 senior engineering manager Ross Barrett, exploit code is now being widely distributed on the web. He said that earlier this week, he saw exploit code submitted to Virus Total and Scumware.

Attackers typically exploit weaknesses in websites, for example, taking advantage of out-of-date WordPress implementations to upload their own content to servers. Then, through spam or phishing campaigns, herd unsuspecting users to these "drive-by" sites, which in turn exploit the users directly.

These sites eventually get reported to services like Virus Total and Scumware to help others identify them as malicious. But they also have the secondary effect of being good indicators of how well known a certain exploit is.

Barrett claims that with the high incidence of reports, the zero day is "about to become [as] severe as any browser issue can be".

He said that exploitation seems to only be limited to versions 8 and 9 of the browser, even though all versions at this point are vulnerable.

According to StatCounter, for the year thus far, Internet Explorer 8 and 9 represent 20.15 percent of all browsers. Including all versions of Internet Explorer puts its market share at 27.98 percent.

Barrett suggests that users simply not use Internet Explorer to avoid exposing themselves to unnecessary risk. For those that must, he said they should install all patches and upgrade to the latest version, even though he admits that neither action will do much to directly mitigate the vulnerability at this time.

The vulnerability was reported by Microsoft in mid September, but details on it only emerged earlier this week. It is alleged that attackers have already been using the vulnerability to target Japanese organisations.

Topics: Security, Malware, Microsoft

Michael Lee

About Michael Lee

A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

13 comments
Log in or register to join the discussion
  • Its always about numbers

    IE is attacked because its still a popular browser and you can find vulnerabilities that cross over multiple versions of IE. I have to say that if Microsoft cared about its user base. It could easily stop a lot of this by simply retiring IE as it is now. Windows OS would be much better off without IE attached to it.
    JohnnyES-25227553276394558534412264934521
    • better: no internet!

      An MS-Windows without internet connection would be much safer, ... also for the rest of the world... but would it sell?

      Of course, MS wants to promote their search engine and how can they do that without their browser?
      hbswn
  • Why no mention of fixes?

    ... like the MS Fixit or EMET 4.0

    http://support.microsoft.com/kb/2887505

    http://support.microsoft.com/kb/2458544
    HABAR
    • Hmmm... Could it be agenda-based reporting?

      There are those who hate MS, no matter what the product, and they'd like nothing more than to take MS down a bunch of notches, and to get people moving over to other platforms and applications.
      adornoe
  • 28% Wow. I remember when IE

    was at 90%.
    baggins_z
    • Even Firefox is above Chrome browser, and this link says IE is still tops,

      by a lot! 57.8%, in fact!

      http://netmarketshare.com/browser-market-share.aspx?qprid=0&qpcustomd=0
      adornoe
      • Different methodology

        While I can't guarantee what are the best numbers. Netmarketshare numbers are at least "fishy" in many cases.
        A few examples:
        iOS is 55% vs android 28% - silly.
        Windows XP is 33% vs 45% for windows 7 - I doubt XP is that big.

        Chrome with just 16% against 58% for ie just goes against any perception I have - and it can be wrong, but there are numbers that look a lot more reasonable.
        AleMartin
        • Apparently, you don't like the numbers when they don't agree

          with your personal expectations or personal preferences.

          But, the numbers in that link I provided are not about Android vs iOS, or one OS vs another. The numbers in that link I provided is about overall usage, and it's about browser preferences.

          There is no way that Google would be number one in the browser wars, and even Firefox is bigger than Chrome. But hey, the world doesn't always agree with what you like or prefer. The only thing that matters to you, more than anything else, is making MS look bad, no matter how much reality and the truth disagrees with your views or expectations.
          adornoe
          • Do you have personal preference?

            Wrong one time, wrong two times, ... how many times can they be wrong about their numbers?!
            But we can take an average :-)

            I like Microsoft, when they are good at something, while I don't care what browser people use, I can tell ie is a bad browser compared with competition.
            You can find more posts from me praising MS than from you praising others or going against MS - who should we trust?
            Also I'm almost always right, your level of arrogance pro MS makes you wrong too many times :-P
            AleMartin
          • So iOS is 2 times bigger than android!!

            It's what netmarketshare numbers show.
            I will look at those numbers (also from statcounter) with a big question mark.

            You are the one trusting nestmarketshare numbers without a doubt, not me - read again my post.
            AleMartin
          • I use Opera BTW

            It has 1% market share :)

            And I'm not going to look for a site saying that opera is ahead of chrome or IE :)
            AleMartin
  • Wasn't there a "Fix-it" issue with this?

    I know I ran it.

    When the hot-fix arrives; I'll "Un-fix-it" :)
    JCitizen
  • exploit

    Your article title looks like the new expliot is called "rapid7" ;)
    tomofumi