The Latest in IT Security

New Internet Explorer Zero-day Found in Targeted Attacks


On September 17, Microsoft issued an advisory reporting a new zero-day vulnerability in Internet Explorer: Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3893). The advisory states that the vulnerability may corrupt memory in a way that could allow attackers to execute arbitrary code. The attack works by enticing users to visit specially crafted websites that host the vulnerability through Internet Explorer. Microsoft also states that at this time the vulnerability is known to be exploited in only a limited number of targeted attacks.

While Microsoft is yet to release a patch for this vulnerability, they have provided a temporary "Fix It” tool solution as a workaround until a security update is made available. To ensure Symantec customers are protected against this Internet Explorer zero-day, the following protection has been put in place:


Intrusion Prevention System

Symantec will continue to investigate this attack to ensure the best possible protection is in place. As always, we recommend that users keep their systems up-to-date with the latest software patches and refrain from opening any suspicious emails. We also advise customers to use the latest Symantec technologies and incorporate the latest Symantec consumer and enterprise solutions to best protect against attacks of this kind.

Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments