The Hacker News Logo
Subscribe to Newsletter

Hackers Exploit Unpatched Windows XML vulnerability

Hackers Exploit Unpatched Windows XML vulnerability

An unpatched vulnerability in the Microsoft XML Core Services (MSXML) is being exploited in attacks launched from compromised websites to infect computers with malware. This zero-day exploit that potentially affects all supported versions of Microsoft Windows, and which has been tied to a warning by Google about state-sponsored attacks, has been identified carrying out attacks in Europe.

Microsoft security bulletin MS12-037 was this month’s cumulative update for Internet Explorer. It is rated as Critical, and addresses 14 separate vulnerabilities that affect every supported version of Internet Explorer in some way.One vulnerability in particular is more urgent than the rest, though. There are multiple attacks circulating online that target CVE-2012-1875.The name of the vulnerability is “Same ID Property Remote Code Execution Vulnerability”, which doesn’t really explain much.

Until a patch is released, the Microsoft workaround is the only way to stymie hackers. Many security vendors have updated their products to detect malicious code that tries to exploit the vulnerability. Exploit code that works on all versions of Internet Explorer on Windows XP, Vista and 7 has been added to the Metasploit penetration testing framework.

Microsoft has provided a temporary fix for the vulnerability that all Windows users should apply whether or not they use IE as their browser of choice. Most antivirus products have added signatures to detect and block exploits.

In addition, you can also run the Fix-It tool from Microsoft. The automated tool implements measures to block the attack vector used to exploit this vulnerability.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.