Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Microsoft Releases ‘Fix It’ to Address Recent IE Vulnerability Used in Watering Hole Attacks

Microsoft on Wednesday released a one-click Fix it to help protect customers from a recently-disclosed security vulnerability (CVE-2013-1347) affecting Internet Explorer 8 that was used in recent watering hole attacks that hit several sites including the website for the U.S. Department of Labor.

Microsoft on Wednesday released a one-click Fix it to help protect customers from a recently-disclosed security vulnerability (CVE-2013-1347) affecting Internet Explorer 8 that was used in recent watering hole attacks that hit several sites including the website for the U.S. Department of Labor.

The Fix It is Microsoft’s short-term fix while the software giant works on an official security update to address the issue.

As part of the attack, sites were compromised and setup to serve up malware in drive-by-download attacks. In the case of the Department of Labor website compromise, if the malware successfully exploited the IE flaw, it downloaded a variant of Poison Ivy remote access Trojan (RAT) that was modified to evade detection, which at the time was detected by few antivirus scanners.

News of the fix comes shortly after the Metasploit Framework was updated with a module to exploit the vulnerability. 

The Fix it is available to all customers and helps block the known attacks, and shouldn’t cause any issues when browsing the Web.

Applying the Fix it does not require a reboot, Microsoft said.

“We have updated Security Advisory 2847140 with an easy one-click Fix it to help protect Internet Explorer 8 customers,” said Dustin Childs, Group Manager, Response Communications, Microsoft Trustworthy Computing in a statement. “Customers should apply the Fix it or follow the workarounds listed in the advisory to help protect against the known attacks while we continue working on a security update.”

Microsoft reminded that Internet Explorer 6, 7, 9 and 10 are not affected by the vulnerability in question.

According to Jamie Blasco, director of AlienVault labs, the protocol used in the watering hole attacks matches a backdoor used by a known Chinese hacker called DeepPanda, who also noted the similarities in this attack and the ones earlier this year against a Thailand-based non-governmental organization.

Microsoft recommends that all customers using Internet Explorer 8 apply the Fix it to help ensure protection.

More information is available at the Microsoft Security Response Center blog, and guidance is also available for checking your browser version and upgrading at the Security Tips & Talk blog.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.