Microsoft Release Security Advisory MSA-2794220 for CFE Internet Explorer 0day
Microsoft has release a security advisory MSA-2794220 for the Internet Explorer 0day used against Council on Foreign Relations (CFR.org) “drive-by” attack. This attack was reported the 28 December by “The Washington Free Beacon” but it seem that only 48 hours after the publication of this news an exploitable Metasploit module will be available during this long week-end end of the year.
— sinn3r (@_sinn3r) Décembre 29, 2012
Microsoft confirm, in the security advisory, that the vulnerability is only affecting Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8. Internet Explorer 9 and Internet Explorer 10 are not affected by the vulnerability. Also this Internet Explorer vulnerability has been identified as CVE-2012-4792.
Microsoft is not providing any date for a patch release, but will the appropriate actions, which may include providing a solution through the monthly security update release process, or an out-of-cycle security update. The next “Patch Tuesday“ cycle is planned for the 8 January, but depending on how fast the exploit kits will include this new vulnerability, it will be maybe possible that Microsoft will release an out-of-band patch.
As always Microsoft is recommending the usage of Enhanced Mitigation Experience (EMET) in order to mitigate the attack.
I recommend you to read these related posts
- Microsoft Internet Explorer CButton Vulnerability Metasploit Demo
- Attack and IE 0day Informations Used Against Council on Foreign Relations
- Capstone Turbine Corporation Also Targeted in the CFR Watering Hole Attack And More
- Microsoft Out-Of-Band Patch for Internet Explorer CVE-2012-4792 Vulnerability
- MS13-008 Patch Internet Explorer CVE-2012-4792 0day Vulnerability
- Chinese Uygur Minority Also Targeted in the CFR Watering Hole Attack And More
- Department of Labor Watering Hole Campaign Review
- Watering Hole Campaign Use Latest Java and IE Vulnerabilities
- Forgotten Watering Hole Attacks On Space Foundation and RSF Chinese
- A Deeper Look In CVE-2012-4792 Watering Hole Campaigns – Alljap Chapter