NEWS FROM THE LAB - Wednesday, October 2, 2013

IE Vulnerability Update #Japan #Metasploit Posted by Sean @ 12:28 GMT

Microsoft's Security Advisory (2887505), regarding a vulnerability in Internet Explorer, was issued just over two weeks ago. We added exploit detection soon thereafter. At the time, Microsoft reported that exploitation of the vulnerability was in limited use.

Microsoft Security Advisory for CVE-2013-3893

Since then, evidence of attacks on Japanese targets via media sites has surfaced.

And in the last week, our customer upstream data indicates limited use within Taiwan.

Most importantly, there is now Metasploit support for CVE-2013-3893. So it's only a matter of time before it's added to popular exploit kits such as Blackhole. If not this week, then almost certainly a day or two after Microsoft releases its patch next Tuesday.

We recommend avoiding IE (if possible) until it's updated. If you manage a network, Microsoft has a Fix it tool available.

Updated to add: 8 Microsoft patches coming, including Internet Explorer zero-day