May 6th, 2013, 21:45 PM
Microsoft confirms IE 8 zero day exploit
Microsoft has confirmed that their is a zero day exploit in Internet Explorer 8 that lead to hacks on the US Department of Labour (DOL) and the Department of Energy (DOE) websites.
The exploits discovery came from research uncovered by AlienVault Labs. According to the security research firm, the hack led website traffic to be redirected to malicious code. Following the disclosure Microsoft has said it is working to patch the exploit.
"This is a remote code execution vulnerability. The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated," wrote Microsoft in a security advisory on the exploit.
"The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website."
Redmond says that the exploit is currently being examined and a patch should be expected to come as part of the impending Patch Tuesday release. Until the patch is released, Microsoft recommends users implement basic security protections.
According to AlienVault, the exploit was used by Chinese hackers to grab hold of government data. The exploit reportedly led to files being downloaded onto hacker's servers.
The exploit was originally considered to be focused on gathering intelligence from the DOL to better understand their sites security defensives. However, research firm Invincea later discovered that the hack was intended to serve as a water hole attack.
According to Invincea, the hack was aimed at collecting data from DOE employees who worked with the DOL website. The research firm says that the goal of the hack was to uncover information from DOE workers that handled nuclear-related illness related to DOE facilities.