Microsoft Patch Tuesday addresses exploited IE zero-day

Microsoft says IE issue believed to have been exploited by Chinese hackers will be addressed this Patch Tuesday.

Step 2: Keep your drivers and patches up-to-date

Microsoft will fix an Internet Explorer vulnerability that has been used in exploits allegedly carried out by Chinese hackers, but Patch Tuesday will not cover a Windows zero-day that has also been used in various attacks.

Over the weekend, FireEye researchers said a US website of strategic importance to the attackers' targets had been hacked to serve up an Internet Explorer zero-day.

The attackers were associated with those responsible for breaches of Google and others in the Operation Aurora attacks of 2009, and the compromise of security outfit Bit9. FireEye believes they are based in China.

But the flaw is set to be closed off by Microsoft in today's Patch Tuesday, the software giant confirmed to IT Pro.

A blog post from Dustin Childs, group manager at Microsoft's Trustworthy Computing Group, also confirmed the issue would be resolved, without referring specifically to the FireEye findings.

"Late last Friday a vulnerability, CVE-2013-3918, affecting an Internet Explorer ActiveX Control was publicly disclosed," Childs said.

"We have confirmed that this vulnerability is an issue already scheduled to be addressed in Bulletin 3, which will be released as MS13-090."

The Patch Tuesday fixes are set to be released at 6pm GMT today. Those who cannot wait till then have been advised to block ActiveX Controls and Active Scripting. They could also deploy Microsoft's Enhanced Mitigation Experience Toolkit (EMET), which should not negatively affect use of the browser.

"We are actively looking into this issue and will take appropriate action to help protect customers," a Microsoft spokesperson added.

However, Microsoft will not fix a vulnerability affecting Windows' rendering of TIFF images. Attacks exploiting that flaw have hit various Pakistani organisations, via a malformed graphics image embedded in a Microsoft Word document.

Those hits were linked to Operation Hangover, a campaign that had previously hit Pakistani government bodies.  FireEye also saw another operator, the Arx group, using the flaw to hit Indian and Pakistani bodies with the Citadel Trojan, a variant of banking malware Zeus.

Featured Resources

Seven steps to connect and empower your frontline workers

How business leaders can improve communication with a secure platform

Free download

Create what’s next

The future of collaboration and productivity

Free Download

Leveraging the cloud without relinquishing control

Your data. Their cloud.

Free download

Re-architecting for nonstop innovation

Unlocking productivity, scalability, and lower costs for cloud natives

Free Download

Recommended

Gmail vs Outlook.com: Which one is better?
email providers

Gmail vs Outlook.com: Which one is better?

26 Nov 2021
Business customers can get 30% off the Surface Laptop Go for Black Friday 2021
Laptops

Business customers can get 30% off the Surface Laptop Go for Black Friday 2021

26 Nov 2021
Hackers use SquirrelWaffle malware to hack Exchange servers in new campaign
malware

Hackers use SquirrelWaffle malware to hack Exchange servers in new campaign

22 Nov 2021
Podcast transcript: Can the US take on big tech?
Policy & legislation

Podcast transcript: Can the US take on big tech?

19 Nov 2021

Most Popular

Looking beyond the obvious: What’s best for multi-cloud?
Sponsored

Looking beyond the obvious: What’s best for multi-cloud?

8 Nov 2021
Nike to take customers into the metaverse with 'NIKELAND'
virtualisation

Nike to take customers into the metaverse with 'NIKELAND'

19 Nov 2021
How to speed up Microsoft's Windows 11
Microsoft Windows

How to speed up Microsoft's Windows 11

9 Nov 2021