Patches for Internet Explorer Zero-Day Causing Problems for Many Users

Microsoft released a new set of patches for a zero-day flaw in Internet Explorer recently fixed due to problems reported by users with the previous patch.

On September 23, Microsoft released an out-of-band patch to address a zero-day memory corruption flaw in Internet Explorer (CVE-2019-1367) that has been exploited in attacks in the wild.

The vulnerability resides in the Internet Explorer’s scripting engine, it affects the way that objects in memory are handled.

An attacker could exploit the vulnerability to gain the same privileges as the current user, the attack could be critical if the current user gains administrative privileges.

In order to exploit the vulnerability, an attacker could host a specially crafted website that is designed to trigger the flaw when Internet Explorer users will visit it. The attacker only has to trick victims into visiting the malicious website, for example, by sending to the victims a link to the malicious website via email or in a malicious email attachment (HTML file, PDF file, Microsoft Office document) that supports embedding the scripting engine content.

“A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.” reads the security advisory published by Microsoft. “An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. “

On October 3, Microsoft released another set of patches for the zero-day vulnerability, because some users experienced certain printing issues following the installation of the initially released by the tech giant.

“To address a known printing issue customers might experience after installing the Security Updates or IE Cumulative updates that were released on September 23, 2019 for CVE-2019-1367, Microsoft is releasing new Security Updates, IE Cumulative Updates, and Monthly Rollup updates for all applicable installations of Internet Explorer 9, 10, or 11 on Microsoft Windows,” reads Microsoft Security Update Releases notification email sent to the users.

Several users reported that the cumulative update released by Microsoft is causing also boot issues and the crash of the start menu.

Microsoft pointed out that the IE Cumulative updates are separate from the October Patch Tuesday updates which are scheduled for October 8.

Pierluigi Paganini

( SecurityAffairs – CVE-2019-1367 , hacking)

Share this...

Linkedin Reddit Pinterest

Share On