Microsoft said that a critical zero-day vulnerability has been found in Internet Explorer, right from IE6 to IE11, that allows cyber-criminals to exploit it using Drive-by attacks.
Drive-by download attacks occur when vulnerable computers get infected by just visiting a website. It’s accepted that Drive-by download attacks continue to be many attackers’ favourite type of attack. This is because the attack can be easily launched through injection of a malicious code to legitimate websites. Once injected, malicious code may exploit vulnerabilities in operating systems, web browsers and web browser plugins such as Java, Adobe Reader and Adobe Flash. The initial code that gets downloaded is usually small. But once it lands on your computer, it will contact another computer and pull the rest of the malicious coder to your system.
Microsoft is aware of limited, targeted attacks that attempt to exploit a vulnerability in Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.
Microsoft is expected to release a patch for this vulnerability very soon. But it will be available for supported operating systems. It will not be available for Windows XP as this operating system is no longer supported. This will leave Windows XP users exposed to risks.
Apart from following other steps to secure their Windows XP, users may do the following to mitigate this issue, till a patch to fix it is released:
- Disable the Flash plug-in within IE
- Do not click on any doubtful links and immediately close IE if they find something suspicious
- Use Microsoft’s anti-exploit tool – Enhanced Mitigation Experience Toolkit.
- Unregister the vgx.dll file. Go here to read how to unregister dll files in Windows.
- Set Internet and Local intranet security zone settings to “High” to block ActiveX Controls and Active Scripting
- Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone
- Consider using an alternative browser on your Windows XP.