The scripting engine in the Internet Explorer is vulnerable to remote code execution attacks due to memory corruption.
The scripting engine when handling objects in memory in the Internet Explorer is vulnerable to a Remote Code Execution attack. The attacks involve specially crafted web pages promoted through social engineering. Patched versions have been released by the vendor.
In the Internet Explorer, the handling of objects by the scripting engine in memory is vulnerable to a remote code execution attack. In case of a successful attack, an attacker could execute arbitrary code in the context of the current user, acquiring all the user privileges associated with the user. In case the current user has administrative privileges, the whole system could be taken over by the attacker.
In a web-based attack scenario that may involve social engineering, the attack is possible via a specially designed website meant to exploit the vulnerability in the internet explorer. An attacker can also take advantage of compromised websites or websites that deal with advertisements and user-provided content. These websites can be specially designed with the motive of exploiting this vulnerability.
Microsoft Internet Explorer version 11 and earlier are vulnerable to a use-after-free vulnerability that can be exploited in remote code execution attacks. This may hand over elevated user privileges of the system to an attacker, who is then able to install programs; view, modify, or delete data; or create new accounts with full user rights. Proof-of-concept (PoC) code is publicly available and Microsoft has seen exploitation in the wild.
An attacker would need to use a specially crafted web page to exploit this vulnerability. The target audience is convinced to visit the page via social engineering techniques, after which some file on the page drops payloads on the system to execute a remote code.
It is also possible for an attacker to embed an ActiveX control marked “safe for initialization” in an application or Microsoft Office document that hosts the IE rendering engine. The system may crash during the exploitation attempt.
When this vulnerability is triggered, it causes a ‘use after free’ condition in vbscript!AssignVar. This highly critical vulnerability has been addressed in the August updates by Microsoft.
Microsoft reports that the following products and versions are vulnerable.
The vendor has released updates for the affected products. Please follow this link for downloading the relevant updates.
If you think you are a victim of a cyber-security attack. Immediately send an email to firstname.lastname@example.org for a rapid response.