Microsoft blocked IE attacks with smart tactics

TipsMake.com - Last Tuesday, Microsoft has provided users with an 'add-on' application - Shim - capable of blocking attacks aimed at IE when they exploit an error discovered last month. .

Microsoft blocked IE attacks with smart tactics Picture 1

Andrew Storms - director of security operations at nCircle Security - said ' Shim for IE is news of the day. We do not expect a patch for IE nor wait for Shim '.

Shim is the term used to describe a compatible solution application. Storms found it consistent with the temporary patch yesterday because Microsoft used the Windows Application Compatibility Toolkit to modify IE so it would help avoid attacks by an error in the way this browser handles a CSS file (Cascading Style Sheets).

According to Storms, this is the first time it has used the Application Compatibility Toolkit to patch a zero-day error.

This tool, which has been part of Windows since Windows XP, was designed to allow older applications, including applications created for outdated versions of the operating system, to run. on the new version of Windows operating system.

Microsoft's solution is to use the Application Compatibility Toolkit to modify the main library of IE - a DLL or Dynamic-Link library named Mshtml.dll, containing translation technology - in memory each time IE runs. This edit will prevent recursive downloads of a CSS, effectively blocking current attacks.

Storms said: ' The fact that Microsoft uses the App Comp is really a surprising way. They have just regenerated it to help prevent zero-day errors. In short, they can use anything in their 'ammunition '.

Other researchers agree with this new strategy.

Wolfgang Kandek, chief technology officer of security firm Qualys, expressed his opinion: ' This is too creative. We like it because it will fix errors faster than a real patch . '

Qualys yesterday also confirmed that after applying this solution, the current errors are no longer executable.

Storms said: ' Another interesting thing is that you won't have to uninstall the shim before installing the patch, even if the message appears .'

Kandek hopes that Microsoft will close IE's vulnerability on February 8 in its monthly patch. However, Storms said that the launch of the shim is a good sign that Microsoft will provide in an emergency, updating the browser ever.

Microsoft first discovered CSS errors in IE on December 22, a few weeks after the French security firm, Vupen, published an important study that said all versions of IE, including IE8 can be hacked.

Since then, Microsoft has acknowledged that it is monitoring active attacks aimed at exploiting this vulnerability. This was reiterated yesterday, once again asserting that it can only "limit attacks aimed at exploiting this vulnerability."

Users can download IE from Microsoft homepage or right here.

5 ★ | 1 Vote

May be interested

  • The strangest military tactics in historyThe strangest military tactics in history
    in world history, there exist many other classic fighting tactics, be it the strategy of summoning the cat spirit to attack the enemy's psychology or taking advantage of nature to trick troops into traps... showing the cunning of the leader. army.
  • How to Know if Your Number is BlockedHow to Know if Your Number is Blocked
    finding out if you've been blocked by someone can be uncomfortable. if you think you've been blocked and need to check one way or another, you can call the number a few times and listen to how the call ends. note: if you know that the person has blocked you and still tries to call, they may sue you for harassment.
  • How to call when blocked number on iPhone?How to call when blocked number on iPhone?
    it may be for some reason that you have been blocked by a person, maybe because of a fight with your lover, or it may be because you accidentally let your baby play. however, sometimes you have an urgent need to inform that person but you cannot call or text because it is blocked. the following article will show you how to call when blocking numbers on iphone.
  • Gears Tactics: A tactical but action-packed genreGears Tactics: A tactical but action-packed genre
    despite the familiar gears brand, gears tactics is not a third-person shooter but a calculated turn-based strategy game.
  • Summary of popular network attacks todaySummary of popular network attacks today
    for attacks by exploiting vulnerabilities, hackers must be aware of security issues on the operating system or software and take advantage of this knowledge to exploit vulnerabilities.
  • Summary of several ways to access blocked websitesSummary of several ways to access blocked websites
    to access the blocked website you can use some solutions such as change dns, edit host file, change ip address (vpn, socks, ssh), ... below is a guide to access blocked website details.
  • Gears Tactics shows Microsoft's future strategy of making gamesGears Tactics shows Microsoft's future strategy of making games
    gears tactics is the first game in the gears of war series to appear on pcs before the xbox and it shows microsoft's gaming strategy.
  • The 4 most popular network attacks towards older people in 2018The 4 most popular network attacks towards older people in 2018
    a statistic has shown that in recent years, cyber attacks tend to focus more on older users.
  • How to Access Blocked WebsitesHow to Access Blocked Websites
    this tipsmake article teaches you how to open websites that are blocked in your region. a common reason websites are blocked is because of school or work regulations, or sometimes it's blocked by region, such as youtube videos.
  • Qualcomm introduces a smart sound platform with Cortana promising to explodeQualcomm introduces a smart sound platform with Cortana promising to explode
    while alexa and google are battling aggressively for the top dominance in the smart speaker market, microsoft's cortana is lagging behind. this will change soon after qualcomm announced that it will launch a new smart audio platform, developed with microsoft.