Microsoft Patch Tuesday addresses exploited IE zero-day

Microsoft says IE issue believed to have been exploited by Chinese hackers will be addressed this Patch Tuesday.

Step 2: Keep your drivers and patches up-to-date

Microsoft will fix an Internet Explorer vulnerability that has been used in exploits allegedly carried out by Chinese hackers, but Patch Tuesday will not cover a Windows zero-day that has also been used in various attacks.

Over the weekend, FireEye researchers said a US website of strategic importance to the attackers' targets had been hacked to serve up an Internet Explorer zero-day.

The attackers were associated with those responsible for breaches of Google and others in the Operation Aurora attacks of 2009, and the compromise of security outfit Bit9. FireEye believes they are based in China.

We are actively looking into this issue and will take appropriate action to help protect customers.

Advertisement - Article continues below
Advertisement - Article continues below

But the flaw is set to be closed off by Microsoft in today's Patch Tuesday, the software giant confirmed to IT Pro.

A blog post from Dustin Childs, group manager at Microsoft's Trustworthy Computing Group, also confirmed the issue would be resolved, without referring specifically to the FireEye findings.

"Late last Friday a vulnerability, CVE-2013-3918, affecting an Internet Explorer ActiveX Control was publicly disclosed," Childs said.

"We have confirmed that this vulnerability is an issue already scheduled to be addressed in Bulletin 3, which will be released as MS13-090."

The Patch Tuesday fixes are set to be released at 6pm GMT today. Those who cannot wait till then have been advised to block ActiveX Controls and Active Scripting. They could also deploy Microsoft's Enhanced Mitigation Experience Toolkit (EMET), which should not negatively affect use of the browser.

"We are actively looking into this issue and will take appropriate action to help protect customers," a Microsoft spokesperson added.

Advertisement - Article continues below

However, Microsoft will not fix a vulnerability affecting Windows' rendering of TIFF images. Attacks exploiting that flaw have hit various Pakistani organisations, via a malformed graphics image embedded in a Microsoft Word document.

Those hits were linked to Operation Hangover, a campaign that had previously hit Pakistani government bodies.  FireEye also saw another operator, the Arx group, using the flaw to hit Indian and Pakistani bodies with the Citadel Trojan, a variant of banking malware Zeus.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now


cloud computing

Microsoft has an edge on AWS, according to IT executives

8 Jan 2020

The IT Pro Products of the Year 2019: All the year’s best hardware

24 Dec 2019
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Microsoft Surface Laptop 3 13in review: Almost the perfect laptop

6 Dec 2019

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Microsoft Windows

Memes and Viking funerals: The internet reacts to the death of Windows 7

14 Jan 2020

Openreach offers free full-fibre installation for thousands of homes

14 Jan 2020