Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Vulnerability in Internet Explorer Could Allow Remote Code Execution


Report ID: MAPP-CVE20141776
Date Published: 30 April 2014
Date Revised: 2 May 2014

Criticality: Critical
Compromise Type: remote-code-execution
Compromise From: remote


Affected Product/Component:

Internet Explorer 6
Internet Explorer 7
Internet Explorer 8
Internet Explorer 9
Internet Explorer 10
Internet Explorer 11
 




Summary

A vulnerability in versions 6 - 11 of the Microsoft Internet Explorer web browser may, if successfully exploited, allow a remote attacker to execute arbitrary code in the context of the current user. Microsoft has received reports of limited, targeted attacks against this vulnerability in the wild.



Detailed Description

A vulnerability in the way Internet Explorer accesses an object in memory that has been deleted or improperly allocated can corrupt the memory and allow an attacker to execute arbitrary code in Internet Explorer in the context of the current user.

Successful exploitation may gain the attacker the same user rights as the current user; if the user has full administrative privileges on the system, the attacker may gain complete control of the system.

In order to exploit this vulnerability, the attacker must lure a user into viewing a specially crafted webpage. The restricted Enhanced Security Configuration mode set as default on some versions of Windows Server (2003, 2008, 2008 R2, 2012 and 2012 R2) mitigates this vulnerability.

 



CVE Reference

CVE-2014-1776



Detected Exploit

Detections
Exploit:JS/CVE-2014-1776.A

Databases
Hydra database version 2014-04-29_03 at 20:50:41 UTC

Release Date
29 April 2014



Solution

Update (2 May 2014): A patch for CVE-2014-1776 has been released in a security update, as addressed in this report: Security update for Internet Explorer.

Instructions for a workaround and use of the Enhanced Mitigation Experience Toolkit (EMET) are available in the Microsoft Security Advisory 2963983.

Removal/Disinfection
Allow F-Secure Internet Security or F-Secure Anti-Virus to block installation of malicious files, and to remove or disinfect malicious files if found on the system.



Additional Info




Online Scanner

 Scan and clean your PC

 

Submit a sample

Wondering if a file or URL is malicious?

Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)