New Internet Explorer Zero-day Targeted in Attacks Against Korea and Japan
Created: 09 Oct 2013 14:08:36 GMT | Updated: 14 Nov 2013 03:59:00 GMT | Translations available: 日本語
In Microsoft’s Patch Tuesday for October 2013, the company released MS13-080 to address two critical vulnerabilities that have been actively exploited in limited targeted attacks. The first critical vulnerability in Internet Explorer, the Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3893), was discussed in an earlier Symantec blog.
Intrusion Prevention System:
Symantec telemetry shows that the attack taking advantage of CVE-2013-3897 began around September 11, 2013 and that it has mainly affected South Korean users, due to how Web pages on a popular Korean blogging site were used to redirect users to the site hosting the exploit.
Symantec is continuing to investigate this attack to ensure that the best possible protection is available. As always, we recommend that users keep their systems up-to-date with the latest software patches. We also advise customers to use the latest Symantec technologies and incorporate the latest Norton consumer and Symantec enterprise solutions to best protect against attacks of this kind.
Update – 09 October, 2013:
Symantec has released an additional IPS signature to protect against CVE-2013-3897:
Update – 11 October, 2013:
Symantec has released an additional AV detection to protect against CVE-2013-3897: