Slashdot Mirror

← Back to Stories (view on slashdot.org)

Critical Internet Explorer 11 Vulnerability Identified After Hacking Team Breach

Posted by Soulskill on from the who-knows-where-zero-days-hide dept.

An anonymous reader writes: After analyzing the leaked data from last week's attack on Hacking Team, Vectra researchers discovered a previously unknown high severity vulnerability in Internet Explorer 11, which impacts the browser on both Windows 7 and Windows 8.1. The vulnerability is an exploitable use-after-free (UAF) vulnerability that occurs within a custom heap in JSCRIPT9. Since it exists within a custom heap, it can allow an attacker to bypass protections found in standard memory. Microsoft has published a patch for this vulnerability, and also patched another one pulled from the Hacking Team files by different security researchers.

4 of 58 comments (clear)

  1. For IE users .. by invictusvoyd · · Score: 4, Funny

    Do not look at the laser with the remaining eye

  2. Thank you to whoever hacked Hacking Team by jonwil · · Score: 5, Insightful

    Thank you to whoever hacked Hacking Team. Because of your work leaking the big data dump, a number of fairly nasty security holes in commonly used computer software such as Flash and Internet Explorer have now been patched by their manufacturers.

    Companies (or government agencies) who discover/collect/buy/obtain unpatched vulnerabilities in software and sit on them so they can use them for spying purposes are no better than criminal gangs who discover/collect/buy/obtain unpatched vulnerabilities and sit on them so they can use them for building malware.

    IMO There is NEVER a valid reason for ANY entity to hold onto an unpatched vulnerability and exploit it, not even the arguments of "National Security" and "we need this to stop terrorists" that have been used by the NSA and other agencies to justify this practice.

    1. Re:Thank you to whoever hacked Hacking Team by fustakrakich · · Score: 3, Insightful

      Companies (or government agencies) who discover/collect/buy/obtain unpatched vulnerabilities in software and sit on them...

      When a government acts badly, the citizens have an obligation to correct it. When they don't, they are complicit.

      --
      “He’s not deformed, he’s just drunk!”
  3. Custom allocator by Alioth · · Score: 3, Insightful

    This sounds awfully familiar...OpenSSL had a critical vulnerability because they had decided to write a custom allocator instead of using the one provided by the OS. You would think IE developers, with their product being WIndows-only and strongly tied to Windows would never dream of reinventing the allocation wheel, especially as Windows memory management in general has had a huge amount of work done on it in the last few years to make it harder to exploit memory allocation bugs.

    --
    Oolite: Elite-like game. For Mac, Linux and Windows