OFFICIAL SECURITY BLOG
September 18, 2013 | BY Joshua Cannell
Microsoft disclosed information on a new Internet Explorer zero-day vulnerability yesterday in a security advisory.
Tracked as CVE-2013-3893, the vulnerability exists in SetMouseCapture within mshtml.dll, a component of Internet Explorer 6 through 11.
Fortunately, Microsoft released a “Fix it” workaround that will patch mshtml.dll and remove the vulnerability. Internet Explorer users should apply the Fix it immediately.
While Microsoft stated this vulnerability has only been seen in “extremely limited, targeted attacks,” it’s likely we’ll see more of it in the coming days, and perhaps integrated into exploit kits.
Emerging Threats, a leading provider of Intrusion Detection System (IDS) rules, updated its free ruleset yesterday with three rules detecting this vulnerability.
Web browsers are frequently attacked by exploits, which in turn usually lead to malware infections. For this reason, it’s very important that users consider security when choosing a web browser.
However, even the most secure web browser isn’t perfect, so it’s always nice to have additional protection.
Malwarebytes Anti-Exploit is designed to safeguard users from exploits targeting various applications, including those targeting Internet Explorer.
We’re pleased to report that Malwarebytes Anti-Exploit users were already protected from this vulnerability prior to its public disclosure, because the exploit relies on a special technique to execute malicious code, and Malwarebytes Anti-Exploit already blocks that technique.
If you’re interested in trying out Malwarebytes Anti-Exploit BETA, you can download it for free.
Joshua Cannell is a Malware Intelligence Analyst at Malwarebytes where he performs research and in-depth analysis on current malware threats. He has over 5 years of experience working with US defense intelligence agencies where he analyzed malware and developed defense strategies through reverse engineering techniques. His articles on the Unpacked blog feature the latest news in malware as well as full-length technical analysis. Follow him on Twitter @joshcannell