JPCERT-AT-2012-0030
JPCERT/CC
2012-09-20(First edition)
2012-09-24(Updated)
<<< JPCERT/CC Alert 2012-09-20 >>>
Vulnerability in Microsoft Internet Explorer in September 2012
https://www.jpcert.or.jp/english/at/2012/at120030.html
I. Overview
Microsoft Internet Explorer contains multiple vulnerabilities. As a
result, a remote attacker could terminate Microsoft Internet Explorer
or execute arbitrary code by convincing a user to open specially
crafted contents.
Microsoft Security Advisory (2757760)
Vulnerability in Internet Explorer could allow remote code execution
http://technet.microsoft.com/en-us/security/advisory/2757760
Microsoft states that a target attack exploiting this vulnerability
has been confirmed. JPCERT/CC has also confirmed that an attack tool
leveraging this vulnerability has been publicly available.
*** Update: Updated on September 24, 2012 ****************************
On September 22, 2012, a security update concerning this
vulnerability has been released. We recommend users to update to the
latest version. Note that this security update also addresses
vulnerabilities other than those specified in the Microsoft Security
Advisory (2757760).
Microsoft Corporation
Microsoft Security Information MS12-063 - Critical
Cumulative security update program for Internet Explorer (2744842)
http://technet.microsoft.com/en-us/security/bulletin/ms12-063
**********************************************************************
II. Affected Systems
The affected products and versions are as follows:
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
For more information, refer to Microsoft Security Advisory (2757760).
III. Solution
*** Update: Updated on September 24, 2012 ****************************
On September 22, 2012, Microsoft released the security update
(MS12-063).
Apply the security update through Windows Update or other software
as soon as possible.
Microsoft Update
https://www.update.microsoft.com/
Windows Update
http://windowsupdate.microsoft.com/
**********************************************************************
IV. Mitigation
*** Update: Updated on September 24, 2012 ****************************
By installing the security update, the following mitigation will
become unnecessary.
**********************************************************************
Microsoft has released the mitigation shown below. As a provisional
measure until the security update is released, please deploy this
mitigation. Before deploying the mitigation, please test the effects
on the products in advance. (For more information, refer to Microsoft
Security Advisory (2757760).)
- Deploy Microsoft Fix it 50939
Microsoft Security Advisory: Vulnerability in Internet Explorer could allow remote code execution
http://support.microsoft.com/kb/2757760
- Deploy the Enhanced Mitigation Experience Toolkit (EMET)
- Set Internet and Local intranet security zone settings to "High"
to block ActiveX Controls and Active Scripting in these zones
- Configure Internet Explorer to prompt before running Active
Scripting or to disable Active Scripting in the Internet and
Local intranet security zone
V. References
Microsoft Corporation
Microsoft Security Advisory (2757760)
Vulnerability in Internet Explorer could allow remote code execution
http://technet.microsoft.com/en-us/security/advisory/2757760
Microsoft Corporation
Security Information in September 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-sep
JVNVU#480095
Vulnerability of arbitrary code which may execute in Internet Explorer
https://jvn.jp/cert/JVNVU480095/index.html
JVNTA12-262A
Release of Microsoft Security Advisory (2757760) concerning attacks on Internet Explorer
https://jvn.jp/cert/JVNTA12-262A/index.html
Update for vulnerability of Internet Explorer
JVNTA12-265A
https://jvn.jp/cert/JVNTA12-265A/index.html
Information-technology Promotion Agency, Japan
Workaround for vulnerability of Internet Explorer (KB2757760) (CVE-2012-4969)
https://www.ipa.go.jp/security/ciadr/vul/20120920-windows.html
If you have any information regarding this alert, please contact
JPCERT/CC.
________
Revision history
2012-09-20 First edition
2012-09-24 Information added in "I. Overview", "III. Solution",
"IV. Mitigation", "V. References"
======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: +81-3-3518-4600 FAX: +81-3-3518-4602
https://www.jpcert.or.jp/english/
Top