Microsoft Patch Tuesday addresses exploited IE zero-day

Microsoft says IE issue believed to have been exploited by Chinese hackers will be addressed this Patch Tuesday.

Step 2: Keep your drivers and patches up-to-date

Microsoft will fix an Internet Explorer vulnerability that has been used in exploits allegedly carried out by Chinese hackers, but Patch Tuesday will not cover a Windows zero-day that has also been used in various attacks.

Over the weekend, FireEye researchers said a US website of strategic importance to the attackers' targets had been hacked to serve up an Internet Explorer zero-day.

Advertisement - Article continues below

The attackers were associated with those responsible for breaches of Google and others in the Operation Aurora attacks of 2009, and the compromise of security outfit Bit9. FireEye believes they are based in China.

We are actively looking into this issue and will take appropriate action to help protect customers.

But the flaw is set to be closed off by Microsoft in today's Patch Tuesday, the software giant confirmed to IT Pro.

A blog post from Dustin Childs, group manager at Microsoft's Trustworthy Computing Group, also confirmed the issue would be resolved, without referring specifically to the FireEye findings.

"Late last Friday a vulnerability, CVE-2013-3918, affecting an Internet Explorer ActiveX Control was publicly disclosed," Childs said.

"We have confirmed that this vulnerability is an issue already scheduled to be addressed in Bulletin 3, which will be released as MS13-090."

Advertisement - Article continues below

The Patch Tuesday fixes are set to be released at 6pm GMT today. Those who cannot wait till then have been advised to block ActiveX Controls and Active Scripting. They could also deploy Microsoft's Enhanced Mitigation Experience Toolkit (EMET), which should not negatively affect use of the browser.

Advertisement - Article continues below

"We are actively looking into this issue and will take appropriate action to help protect customers," a Microsoft spokesperson added.

However, Microsoft will not fix a vulnerability affecting Windows' rendering of TIFF images. Attacks exploiting that flaw have hit various Pakistani organisations, via a malformed graphics image embedded in a Microsoft Word document.

Those hits were linked to Operation Hangover, a campaign that had previously hit Pakistani government bodies.  FireEye also saw another operator, the Arx group, using the flaw to hit Indian and Pakistani bodies with the Citadel Trojan, a variant of banking malware Zeus.

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now



Microsoft prioritises extra Azure capacity for 'key customers'

23 Mar 2020

Microsoft Edge branded as ‘worrisome’ for user privacy

18 Mar 2020

10 quick tips to identifying phishing emails

16 Mar 2020

Microsoft accidentally leaks details on a wormable SMB flaw

11 Mar 2020

Most Popular

operating systems

How to speed up Windows 10

4 Mar 2020
cyber security

Critical NHS cyber security checks suspended due to coronavirus response

19 Mar 2020

Apple’s 2020 iPad Pro might finally be a computer replacement

19 Mar 2020
flexible working

Perfecting your remote working strategy

20 Mar 2020