Microsoft Patch Tuesday addresses exploited IE zero-day

Microsoft says IE issue believed to have been exploited by Chinese hackers will be addressed this Patch Tuesday.

Step 2: Keep your drivers and patches up-to-date

Microsoft will fix an Internet Explorer vulnerability that has been used in exploits allegedly carried out by Chinese hackers, but Patch Tuesday will not cover a Windows zero-day that has also been used in various attacks.

Over the weekend, FireEye researchers said a US website of strategic importance to the attackers' targets had been hacked to serve up an Internet Explorer zero-day.

The attackers were associated with those responsible for breaches of Google and others in the Operation Aurora attacks of 2009, and the compromise of security outfit Bit9. FireEye believes they are based in China.

We are actively looking into this issue and will take appropriate action to help protect customers.

But the flaw is set to be closed off by Microsoft in today's Patch Tuesday, the software giant confirmed to IT Pro.

A blog post from Dustin Childs, group manager at Microsoft's Trustworthy Computing Group, also confirmed the issue would be resolved, without referring specifically to the FireEye findings.

"Late last Friday a vulnerability, CVE-2013-3918, affecting an Internet Explorer ActiveX Control was publicly disclosed," Childs said.

"We have confirmed that this vulnerability is an issue already scheduled to be addressed in Bulletin 3, which will be released as MS13-090."

The Patch Tuesday fixes are set to be released at 6pm GMT today. Those who cannot wait till then have been advised to block ActiveX Controls and Active Scripting. They could also deploy Microsoft's Enhanced Mitigation Experience Toolkit (EMET), which should not negatively affect use of the browser.

"We are actively looking into this issue and will take appropriate action to help protect customers," a Microsoft spokesperson added.

However, Microsoft will not fix a vulnerability affecting Windows' rendering of TIFF images. Attacks exploiting that flaw have hit various Pakistani organisations, via a malformed graphics image embedded in a Microsoft Word document.

Those hits were linked to Operation Hangover, a campaign that had previously hit Pakistani government bodies.  FireEye also saw another operator, the Arx group, using the flaw to hit Indian and Pakistani bodies with the Citadel Trojan, a variant of banking malware Zeus.

Featured Resources

Virtual desktops and apps for dummies

An easy guide to virtual desktop infrastructure, end-user computing, and more

Download now

The total economic impact of optimising and managing your hybrid multi-cloud

Cost savings and business benefits of accelerating the cloud journey

Download now

A buyer’s guide for cloud-based phone solutions

Finding the right phone system for your modern business

Download now

What’s next for the education sector?

A new learning experience

Download now

Recommended

Microsoft Teams moves beyond the workplace
video conferencing

Microsoft Teams moves beyond the workplace

17 May 2021
Data breaches increase by a third as staff continue to work from home
cyber security

Data breaches increase by a third as staff continue to work from home

17 May 2021
Microsoft Surface Pro review: Still worth buying?
Laptops

Microsoft Surface Pro review: Still worth buying?

17 May 2021
What is phishing?
phishing

What is phishing?

17 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021