Industry News

Microsoft Releases Temporary Fix for Internet Explorer Bug

Microsoft released a temporary fix for the Internet explorer bug that hackers exploited to break the website of the US Department of Labor last week. Attackers can exploit the hole by convincing users to visit compromised websites after clicking a link in an e-mail or Instant Messenger message.

Microsoft Releases Temporary Fix for Internet Explorer BugThe vulnerability allowed remote code execution on Internet Explorer 8 version and spread to other websites as well, including that of an aerospace company. Affected by the vulnerability were also several security, defense and non-profit organizations, according to The Hacker News.

“CVE-2013-1347 MSHTML Shim Workaround” was offered as a solution to prevent dangerous scenarios but doesn’t replace regular security updates.

“Microsoft is aware of attacks that attempt to exploit this vulnerability,” Microsoft representatives said on the Security TechCenter. “The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.”

Microsoft also said the vulnerability doesn’t affect other versions of Internet Explorer. The company is investigating the issue and monitoring the threat landscape to take action against malicious sites that attempt to exploit the bug.

Last week, the US Department of Labor website was hacked and used to disseminate malware that collected data from users and sent it to a remote command-and-control server.

About the author


Bianca Stanescu, the fiercest warrior princess in the Bitdefender news palace, is a down-to-earth journalist, who's always on to a cybertrendy story. She's the industry news guru, who'll always keep a close eye on the AV movers and shakers and report their deeds from a fresh new perspective. Proud mother of one, she covers parental control topics, with a view to valiantly cutting a safe path for children through the Internet thicket. She likes to let words and facts speak for themselves.