Attackers turn to IE: Report

Know your enemy is a good defence for any country, or enterprise.

So here’s more advice for CSOs from another security vendor about what they’re likely to face in the short term.

Microsoft Internet Explorer vulnerabilities have increased more than 100 per cent since 2013, according to Bromium Inc., a Cupertino, Calif., endpoint security company that studied vulnerabilites and exploits discovered in the first six months of the year.

The trend is underscored by a progressively shorter time to first patch for IE’s past two releases, the vendor added.

Almost all Internet Explorer memory corruption exploits now use de facto ROP (Return Oriented Programming) techniques for bypassing the default Operating System security mechanisms (ASLR, DEP), the company said.

Its full report can be read here.

In the first half of 2014, the growth in zero day exploitation continued unabated from 2013, it says. Unsurprisingly, all of the zero day attacks targeted end-user applications such as browsers and productivity applications like Microsoft Office. Typically these attacks are launched leveraging users as bait using classic spear-phishing tactics.

“The notable aspect for this year thus far in 2014 is that Internet Explorer was the most patched and also one of the most exploited products, surpassing Oracle Java, Adobe Flash and others in the fray. ”

Bromium Labs believes that the browser will likely continue to be the sweet spot for attackers.

It also found that public Java zero-days exploits declined after leading last year among vulnerabilities and public exploits. In fact, there were no reported Java zero-day exploits so far this year.

Meanwhile, so-called Action Script Sprays are driving zero-day attacks. Both Internet Explorer and Flash zero-day attacks have leveraged Action Script Sprays, an emerging technique that bypasses address space layout randomization (ASLR) with a return-oriented program (ROP) chain.

“End users remain a primary concern for information security professionals because they are the most targeted and most susceptible to attacks,” Rahul Kashyap, Bromium’s chief security architect, said in a release. “Web browsers have always been a favorite avenue of attack, but we are now seeing that hackers are not only getting better at attacking Internet Explorer, they are doing it more frequently.”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now