With Microsoft no longer issuing security patches for Windows XP, what do zero-day security advisories from the company look like now?
Like the one issued over the weekend that doesn’t mention the venerable OS at all, although security experts are certain it’s affected.
Officially, the zero-day exploit hits Internet Explorer version 6 to 11. But knowledgeable people say that’s not all. “People should assume that Windows XP is affected as new vulnerabilities are discovered unless the description specifies a single version of Windows being affected,” writes Lucas Zaichowsky, enterprise defense architect at AccessData, which makes digital forensics products.
According to the Micrsosoft alert, “the vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.”
Yes, viewing the Web site alone will get a user infected.
The vulnerability is so serious that the Unites States Computer Emergency Readiness Team (US-CERT) said that those who can’t follow Microsoft’s mitigation recommendations — including Windows XP users — should consider using another browser.
Meanwhile two new Adobe Flash vulnerabilities have been discovered, according to Kaspersky labs. In a blog the company said each exploit comes as an unpacked flash video file and the source appears to be from a Syrian government Web site. That, and analysis of the code, led it to conclude the exploit is targeted against Syrian dissidents who wanted to use the site to register complaints about government activity.
While one exploit can infect almost any unprotected computer, the other only works properly on computers where Adobe Flash Player 10 ActiveX and Cisco MeetingPlace Express Add-In are installed, Kaspersky says.
Adobe has issued updates to Flash Player to protect against the exploits.