Recently, Microsoft addressed a new 0-day vulnerability In Internet Explorer that is known as MS15-093 in his out of band patch. Its widely anticipated out of band patch that had been used for Internet Explorer. It basically covers all supported versions as (Internet Explorer 7, 8, 10 or 11) and on every supported platforms. This vulnerability would allow an attacker to run arbitrary code on user’s system if the user had visited any malicious web site. A list of unwanted site may be compromised site, spear phishing website, or any other dubious site ads can be used to deliver exploits that is used for delivering exploits that were used for targeting this vulnerability to the innocent user. This harmful threat had been already used for targeting hole attacks on user PC.
This CVE-2015-2502 vulnerability is actively being exploited in the wild situation. This attack code is basically hosted on malicious webpage that all users have to visit in order to get infected with this vulnerability. Hence, attackers use a number of mechanism that to increase target reach so that its user visit these malicious web page.
Hosting the exploit on ad networks, that are next used by legitimate websites.
Gaining full control over these legal sites or blogs by exploiting vulnerabilities in the blogging server Software.
Setting up specific websites for the attack and manipulating search engine results.
It will send you a link to the site by e-mail or other messaging program.
It would basically infect all versions of Internet Explorer From Version 7 to 11. Users of new Edge Browser on Windows 10 would not get affected.
This security updates basically resolves a vulnerability in Internet Explorer. It could allow remote code execution if any user view specially any crafted webpage using their popular browser Internet Explorer. Hence, an attacker who had successfully exploited this vulnerability, could easily gain access as the current user. Typically, the customers whose accounts are configured to have fewer rights on the system that could be less impacted than those who basically operate on the administrative user rights.
This wild particular vulnerability is getting connected with memory corruption vulnerability, that has close connection with Internet Explorer, as its common problem for its user. As this vulnerability had been rated as “Critical By Microsoft” and thus, no mitigation were found in the given post, but there are several other factors that would help its user in lessen the risk of threats to the user.
First of all, we know that any code run only with the privileges of logged-in users, hence the user who run as normal user and not as administrator one, are having lesser risk. Second one, the users of the New Microsoft Edge Browser in Windows 10 could not have any risk. In addition, because of the Internet Explorer in server Versions of Windows as Server 2008, Server 2008 R2 and so on , runs in a restricted mode that would reduces the risk for these operating systems.
Detailed Vulnerability Information:-
“An attacker could basically host a malicious website which is designed to exploit this vulnerability through this popular browser as Internet Explorer, after that convince its user to view this particular website. This website could also take advantage of the compromised websites, and these websites normally accept host as user-provided content, or advertisements by adding specially crafted content that could easily exploit this vulnerability. In all above cases, an attacker could have to convince its users to take action , by getting them to click on suspicious link in instant messenger or email message that takes away its user to attackers website. It may getting them to open an attachment that were sent through email. Hence, an attacker who successfully exploited this vulnerability could easily gain the same user rights as current user. If the respective current users is logged on with administrative user rights, thus, an attacker that successfully exploited this vulnerability could easily take complete control on affected system. However, an attacker could easily install programs as well as view the frequent changes, delete data, or create new accounts with full user rights. Hence, the systems where Internet Explorer is frequently used, such as Workstations or terminals servers are the most risk from this vulnerability”.
“This CVE-2015-2502 memory corruption vulnerabilities basically exist because this IE does not properly manage some objects in memory. It is basically critical for Windows non-server Operating system as said by “Lane Thanes”, Software Development Engineer. Moreover, this vulnerability is normally moderate to all Windows platforms.
Once a computer get completely compromised by this infection, this attacker would have same user rights as current user, means that you are logged in with administrative rights, and its hacker would take complete control of your PC in easy way, and also make some changes to PC security settings completely.
Hence, its very clear that 0-day vulnerability is greatly exploited by its malicious attackers that would, but its wise to care about your system security. Thus, as long as people are there in the business of finding and exploiting Zero-day vulnerability , we are likely to find more patches in Internet Explorer. Its recommended for all Windows users to use Windows Update to download and install this update immediately.