Over the weekend Microsoft released Security Advisory 2963983, which details a new remote code execution vulnerability impacting ALL versions of Internet Explorer (IE6-IE11). Microsoft is aware of “limited, targeted attacks that attempt to exploit the vulnerability.” The company is currently investigating public reports of the vulnerability and it has yet to publicize details to the reserved CVE-2014-1776 but there are steps organizations can take to protect against this threat.
An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
The vulnerability affects ALL versions of Microsoft Internet Explorer (IE6-IE11).
Initial investigations reveal that Enhanced Protected Mode, as well as Enhanced Mitigation Experience Toolkit (EMET) 4.1 and EMET 5.0 Technical Preview, will help protect against this threat. As always, we encourage everyone to exercise caution when visiting websites and avoid clicking suspicious links, or opening email messages from unfamiliar senders.
Microsoft has also suggested workaround actions that organizations should consider implementing. Workarounds refer to a setting or configuration change that does not correct the underlying issue but help block known attack vectors before a security update is available.
For more details on Microsoft’s suggested workarounds, please visit: https://technet.microsoft.com/en-US/library/security/2963983#ID0EUFAC