Deploy Enhanced Mitigation Experience Toolkit (EMET) 3.0 IE9 Remote Code Execution Vulnerability - SA2757760 Issued

Update 09/19: Microsoft made available a Fix it to address the issue. "This is an easy, one-click solution that will help protect your computer right away," Microsoft stated. "It will not affect your ability to browse the web, and it does not require a reboot of your computer."

Microsoft's Security Response team, in new Security Advisory "2757760" released today, addresses an issue that affects Internet Explorer 9 and earlier iterations of the browser when a user uses these browsers to view a website hosting malicious code.

Internet Explorer 10 is not affected.

"A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website," Microsoft stated.

Microsoft says they are working to develop a security update to address this issue -- in the meantime, customers using Internet Explorer are protected when they deploy the following workarounds and mitigations included in the advisory.

"EMET in action is unobtrusive and should not affect customers' Web browsing experience," adds MSRC.

  • Deploy the Enhanced Mitigation Experience Toolkit (EMET) version 3.0. "This will help prevent exploitation by providing mitigations to help protect against this issue and should not affect usability of websites," MSRC said.
  • Set Internet and local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones. "This will help prevent exploitation but may affect usability; therefore, trusted sites should be added to the Internet Explorer Trusted Sites zone to minimize disruption," the MSRC explains.
  • Configure Internet Explorer to prompt before running Active Scripting, or disable Active Scripting, in the Internet and local intranet security zones. This "will help prevent exploitation but can affect usability, so trusted sites should be added to the Internet Explorer Trusted Sites zone to minimize disruption".
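
The Active Scripting workaround can be audited and applied per user from PowerShell. This is an added example, not part of the advisory or of Microsoft's Fix it; the registry path, the zone numbers (1 = Local intranet, 3 = Internet) and the action 1400 values are the standard Internet Explorer URL security zone settings rather than details given on this page, and the function names are hypothetical.

```powershell
# Added example: audit and set the Active Scripting action (1400) for the
# current user's Local intranet (1) and Internet (3) zones.
# Assumption: zones are managed per user; Group Policy can override these values.
$ZonesKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$Zones    = @{ 1 = 'Local intranet'; 3 = 'Internet' }
$Actions  = @{ 0 = 'Enabled'; 1 = 'Prompt'; 3 = 'Disabled' }

function Get-ActiveScriptingSetting {
    foreach ($id in ($Zones.Keys | Sort-Object)) {
        $props = Get-ItemProperty -Path (Join-Path $ZonesKey $id) -ErrorAction SilentlyContinue
        # A missing value means the zone falls back to its template default.
        $value = if ($props -and $null -ne $props.'1400') { [int]$props.'1400' } else { $null }
        $state = if ($null -eq $value) { 'Not set' }
                 elseif ($Actions.ContainsKey($value)) { $Actions[$value] }
                 else { "Unknown ($value)" }
        [pscustomobject]@{
            Zone            = $Zones[$id]
            ActiveScripting = $state
            # Mitigated only when scripting prompts or is disabled.
            Mitigated       = ($value -eq 1 -or $value -eq 3)
        }
    }
}

function Set-ActiveScriptingSetting {
    param(
        [ValidateSet('Prompt', 'Disabled')]
        [string]$Action = 'Prompt'
    )
    $value = if ($Action -eq 'Prompt') { 1 } else { 3 }
    foreach ($id in $Zones.Keys) {
        $path = Join-Path $ZonesKey $id
        if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
        Set-ItemProperty -Path $path -Name '1400' -Value $value -Type DWord
    }
}

# Report the current state; uncomment the next line to apply the workaround.
# Set-ActiveScriptingSetting -Action Prompt
Get-ActiveScriptingSetting | Format-Table -AutoSize
```

Sites that need scripting after the change still have to be added to the Trusted Sites zone, as the advisory notes.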