Slashdot Mirror
Critical Internet Explorer 11 Vulnerability Identified After Hacking Team Breach
An anonymous reader writes: After analyzing the leaked data from last week's attack on Hacking Team, Vectra researchers discovered a previously unknown high severity vulnerability in Internet Explorer 11, which impacts the browser on both Windows 7 and Windows 8.1. The vulnerability is an exploitable use-after-free (UAF) vulnerability that occurs within a custom heap in JSCRIPT9. Since it exists within a custom heap, it can allow an attacker to bypass protections found in standard memory. Microsoft has published a patch for this vulnerability, and also patched another one pulled from the Hacking Team files by different security researchers.
If anything these leaks will remind us to continously rethink our security configurations. It needs to be on a neurotic level and even then it's probably not enough. Everything needs to be isolated and access has to be as limited as possible to data that's not explicitly needed for whatever task at hand. We need to always assume our systems are vulnerable and possibly even compromised without our knowledge.
Or wait, my boss just told me we don't have the budget for it. Never mind.
It's intensely annoying that programmers continue to re-invent the wheel and poorly whenever they need something which they're certain that nobody but their clever selves has ever thought of before. Would it kill them to use a data structure from the standard library of the language they're using? But no, they're too cool and smart for that. They have to code it up custom and then introduce dozens of silly bugs because they're too lazy to write tests and their code is perfect anyway, or so they think, and this is what we get. The best programmers that I have met and worked with are the ones with some humility rather than the arrogant asses who call themselves "10X" developers and other such crap. Yeah right, 10 times the bugs maybe.
Thank you to whoever hacked Hacking Team. Because of your work leaking the big data dump, a number of fairly nasty security holes in commonly used computer software such as Flash and Internet Explorer have now been patched by their manufacturers.
Companies (or government agencies) who discover/collect/buy/obtain unpatched vulnerabilities in software and sit on them so they can use them for spying purposes are no better than criminal gangs who discover/collect/buy/obtain unpatched vulnerabilities and sit on them so they can use them for building malware.
IMO There is NEVER a valid reason for ANY entity to hold onto an unpatched vulnerability and exploit it, not even the arguments of "National Security" and "we need this to stop terrorists" that have been used by the NSA and other agencies to justify this practice.
This sounds awfully familiar...OpenSSL had a critical vulnerability because they had decided to write a custom allocator instead of using the one provided by the OS. You would think IE developers, with their product being WIndows-only and strongly tied to Windows would never dream of reinventing the allocation wheel, especially as Windows memory management in general has had a huge amount of work done on it in the last few years to make it harder to exploit memory allocation bugs.
Oolite: Elite-like game. For Mac, Linux and Windows