Sign in with
Sign up | Sign in

0-Day Vulnerability in Internet Explorer Threatens Windows XP

By - Source: Microsoft | B 31 comments

On Monday, Microsoft acknowledged that hackers are attempting to exploit a vulnerability in version 6 to version 11 of Internet Explorer. The vulnerability is a remote code execution vulnerability, and exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated.

"The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer," reads the company's warning. "An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website."

Right now the active attacks are targeting IE9, IE10 and IE11, and dished out by a malicious web page that the user must access in order for the malware to infect the PC.

"An attacker would have no way to force users to visit these websites. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes users to the attacker's website," the warning adds.

The company's warning says that after completion of the investigation, Microsoft will either release a solution on Patch Tuesday this June, or via an out-of-cycle security update, depending on customer needs. For those who are still using Windows XP, you will not be protected via Microsoft.

"This happened a bit quicker than I expected but it is a sign of things to come; the vulnerability applies to Windows XP, IE6, IE7 and IE8 are listed as affected and attackers will soon adapt the exploit to work against these older versions of IE as well. Since you will not get a patch for your operating system, deregistering the DLL will be your best option to defend your systems," writes Qualys Inc. CTO Wolfgang Kandek. "Microsoft still lists IE6, IE7 and IE8 in these advisories because they run under Windows 2003, which has another year of support left in it."

One workaround, which is listed towards the bottom of Microsoft's alert, includes disabling VGX.dll, which is responsible for rendering of VML (Vector Markup Language) code in webpages. VML is only infrequently used on the web, Kandek adds, so disabling it in IE is the best way to prevent exploitation. To deregister it, type in the following:

regsvr32 -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"

The Enhanced Mitigation Experience Toolkit (EMET) is another route, a free toolkit that Microsoft updates and maintains frequently. Or users can take the quicker route by using different web browsers such as Firefox and Chrome until the vulnerability is fixed.

Discuss
Add your comment Display all 32 comments.
  • 2 Hide
    wrathofdragon , April 28, 2014 4:03 PM
    yet another reason Internet Explorer is only good for downloading a normal browser...
  • 4 Hide
    everlast66 , April 28, 2014 4:16 PM
    People that run windows XP are not the screamish type
  • 0 Hide
    memadmax , April 28, 2014 4:41 PM
    Sooooo....

    Don't look at pornsites and you'll be fine...

    >_>
  • 0 Hide
    abbadon_34 , April 28, 2014 4:46 PM
    the timing is so .... convenient
  • 1 Hide
    Zombie615 , April 28, 2014 4:54 PM
    So what about the people using Internet Explorer 11 on Windows 8.1 are they safe or not?
  • 0 Hide
    danwat1234 , April 28, 2014 6:06 PM
    If the critical updates going to the UK government and maybe the NSA or whatever other government organizations are leaked for XP, then we won't need to disable that dll.
  • 0 Hide
    red77star , April 28, 2014 6:19 PM
    Another proof that your Windows is never secured whether that is Windows 7/8 or XP. Just don't use IE!
  • 0 Hide
    wrathofdragon , April 28, 2014 6:23 PM
    next think you know people are going to complain about AOL and the DialUp Connective speed...
  • 0 Hide
    Zombie615 , April 28, 2014 6:55 PM
    its always something with the internet. That's why I don't bank or do anything online unless I use a prepaid card that has just the amount of money that I'll be using to purchase said item. Also, I don't save anything on my computer that could be useful to a hacker. Don't view porn or anything else on my computer an I don't visit websites that I have no idea about.
  • 0 Hide
    brandonjclark , April 28, 2014 7:03 PM
    @Zombie... Yeah, we know what you mean, but 2003 wants its excuse back.
  • 0 Hide
    Zombie615 , April 28, 2014 7:13 PM
    Quote:
    @Zombie... Yeah, we know what you mean, but 2003 wants its excuse back.


    What do you mean 2003 wants it's excuse back?
  • 0 Hide
    wrathofdragon , April 28, 2014 7:27 PM
    Quote:
    Quote:
    @Zombie... Yeah, we know what you mean, but 2003 wants its excuse back.


    What do you mean 2003 wants it's excuse back?


    since then almost everything is done online...
  • 0 Hide
    jimmysmitty , April 28, 2014 7:30 PM
    Quote:
    Another proof that your Windows is never secured whether that is Windows 7/8 or XP. Just don't use IE!


    While this is a IE specific threat it does not mean other browsers are not safe from attack.

    The real threat? Stupid people who click links for this in their email.
  • 0 Hide
    stingstang , April 28, 2014 7:46 PM
    Please, let me hear again how XP isn't safe now. I don't think any of us are catching on yet.
  • -3 Hide
    ipwn3r456 , April 28, 2014 8:01 PM
    Right after windows XP ended support. Did Microsoft intend to do this?
  • 0 Hide
    ipwn3r456 , April 28, 2014 8:01 PM
    Right after windows XP ended support. Did Microsoft intend to do this?
  • 0 Hide
    MasterMace , April 28, 2014 8:51 PM
    Further proof that you should not be using Internet Explorer.
  • 0 Hide
    DrBackwater , April 28, 2014 10:22 PM
    Why not tom, they're cool so sad sad sad sad.
  • 0 Hide
    cats_Paw , April 29, 2014 12:57 AM
    Why is the hacker in that pick wearing a mask?
    Why would people use IE anyway?
  • 0 Hide
    rwinches , April 29, 2014 1:12 AM
    Hypothetically a danger exist that hypothetically could cause hypothetically a problem that hypothetically if you are stupid and hypothetically use IE and hypothetically are easily swayed by hypotheticals then you may want to follow these steps. All others carry on.
Display more comments
React To This Article