-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Reference: CERT-EU Security Advisory 2014-050 Title: Microsoft Internet Explorer 8 Remote Code Execution [1] Version history: 22.05.2014 Initial publication Summary ======= Internet Explorer 8 is prone to a remote code-execution vulnerability due to a use-after-free condition. Specifically, this issue occurs due to an error in handling the 'CMarkup::CreateInitialMarkup' object when certain JavaScript code is executed and then followed by a CollectGarbage call. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. CVE numbers: [2] CVE-2014-1770 CVSS Version 2 Scores CVSS2 Base 6.8 CVSS2 Temporal 5.5 CVSS2 Base Vector AV:N/AC:M/Au:N/C:P/I:P/A:P CVSS2 Temporal VectorE:U/RL:U/RC:UR Vulnerable systems ================== Microsoft Windows Internet Explorer 8 Attack Scenarios ================ 1. An attacker crafts a malicious webpage to leverage this issue. The page would possibly contain replacement memory addresses, NOP instructions, and arbitrary code. 2. The attacker uses email or other means to distribute the page or to entice an unsuspecting victim to use the affected browser to follow a link to the page. 3. When the page is processed, the attacker's code runs in the context of the user running the browser. What can you do? ================ There has not been published a patch yet. Microsoft Internet Explorer 11 is not afected, so this upgrade fix the problem. Some Mitigating Strategies: [1] Set Internet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones. Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone. Install EMET, The Enhanced Mitigation Experience Toolkit (EMET) enables users to manage security mitigation technologies that help make it more difficult for attackers to exploit vulnerabilities in a given piece of software. EMET helps to mitigate this vulnerability in Internet Explorer on systems where EMET is installed and configured to work with Internet Explorer. For more information about EMET, see The Enhanced Mitigation Experience Toolkit. What to tell your users? ======================== N/A More information ================ [1] http://www.zerodayinitiative.com/advisories/ZDI-14-140/ [2] http://www.kb.cert.org/vuls/id/239151 Best regards, CERT-EU Team (http://cert.europa.eu) Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu PGP KeyID 0x46AC4383 FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383 Privacy Statement: http://cert.europa.eu/cert/plainedition/en/cert_privacy.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBAgAGBQJTfgNWAAoJEPpzpNLI8SVo0/4P/3Vsiulh40TeKDhVtSGJ9ylh ipZZ1zItVPcQ/0xa6ycC2d0oqjONTa6Kf7p+BdN5QJXq87IKBwl9QTfOWtTWy/IH v/d2/ZhBAGpkeTXrqhwngz9W+SlTpL4NW2Rh/R3sTEimVpivo16kqMii3Mqn3FNP GD0oKlA6dp30ctlHDorOVYERE7p16XYW9ZDCU2Nen35H99l12iRJ4fCVf4J6uq/z 7zQzFhrSt4tfLoCgch+r1NLdSF8Nbso0JdC9pduRuj97959H3HOLc6GnmoB/Pzsj fvtIglxNIoOA29NaDgPBUoMN9gweMz3hDwvzYKsc+/vL7ZdznA+livE6sKjU9DZg KwJ0xX+DyB5P4jMICMZG2EM91A/yqWA5DQeP0R37KvyIVr9EgYJB3y9quQa/a6hB cGHpOG5X/cjHnLgoxJhFAsMtWgC47cnmg7xtPk+LWbyGgx81/c52oUmK2UNrvIfj KFi+uOa4fW6n+AUIQntXEfzx6A2R01DoXT2whXQyXpy7YeJnXO96tRzGepl2TBUQ OXR82MDSOqikdboHOhrIvu3so/cmvCM0HKaR81X8wJ/5PjnT23msXRbWFTZHqe9D jNbVF5D8Irus8a5TrlZ9WB7kuqneQTrgFnLtReC50sJxCQMbBUtZ0C4kPVloyGwm C19P4i1A52jq2dTHXeRF =fFpc -----END PGP SIGNATURE-----