Microsoft blocked IE attacks with smart tactics
TipsMake.com - Last Tuesday, Microsoft has provided users with an 'add-on' application - Shim - capable of blocking attacks aimed at IE when they exploit an error discovered last month. .
Andrew Storms - director of security operations at nCircle Security - said ' Shim for IE is news of the day. We do not expect a patch for IE nor wait for Shim '.
Shim is the term used to describe a compatible solution application. Storms found it consistent with the temporary patch yesterday because Microsoft used the Windows Application Compatibility Toolkit to modify IE so it would help avoid attacks by an error in the way this browser handles a CSS file (Cascading Style Sheets).
According to Storms, this is the first time it has used the Application Compatibility Toolkit to patch a zero-day error.
This tool, which has been part of Windows since Windows XP, was designed to allow older applications, including applications created for outdated versions of the operating system, to run. on the new version of Windows operating system.
Microsoft's solution is to use the Application Compatibility Toolkit to modify the main library of IE - a DLL or Dynamic-Link library named Mshtml.dll, containing translation technology - in memory each time IE runs. This edit will prevent recursive downloads of a CSS, effectively blocking current attacks.
Storms said: ' The fact that Microsoft uses the App Comp is really a surprising way. They have just regenerated it to help prevent zero-day errors. In short, they can use anything in their 'ammunition '.
Other researchers agree with this new strategy.
Wolfgang Kandek, chief technology officer of security firm Qualys, expressed his opinion: ' This is too creative. We like it because it will fix errors faster than a real patch . '
Qualys yesterday also confirmed that after applying this solution, the current errors are no longer executable.
Storms said: ' Another interesting thing is that you won't have to uninstall the shim before installing the patch, even if the message appears .'
Kandek hopes that Microsoft will close IE's vulnerability on February 8 in its monthly patch. However, Storms said that the launch of the shim is a good sign that Microsoft will provide in an emergency, updating the browser ever.
Microsoft first discovered CSS errors in IE on December 22, a few weeks after the French security firm, Vupen, published an important study that said all versions of IE, including IE8 can be hacked.
Since then, Microsoft has acknowledged that it is monitoring active attacks aimed at exploiting this vulnerability. This was reiterated yesterday, once again asserting that it can only "limit attacks aimed at exploiting this vulnerability."
Users can download IE from Microsoft homepage or right here.
You should read it
- Microsoft released security patches for old IE
- Some machines failed to boot after installing security patches for Internet Explorer
- Microsoft released an emergency security patch, urging Windows users to install now
- Detecting zero-day vulnerabilities in Internet Explorer helps hackers gain control of the computer
- Microsoft patches new security for Internet Explorer
- Microsoft provides security patches for Windows, IE
- Microsoft has not patched security issues in IE8 for 7 months
- How to enable Internet Explorer mode on Microsoft Edge
May be interested
- The strangest military tactics in historyin world history, there exist many other classic fighting tactics, be it the strategy of summoning the cat spirit to attack the enemy's psychology or taking advantage of nature to trick troops into traps... showing the cunning of the leader. army.
- How to Know if Your Number is Blockedfinding out if you've been blocked by someone can be uncomfortable. if you think you've been blocked and need to check one way or another, you can call the number a few times and listen to how the call ends. note: if you know that the person has blocked you and still tries to call, they may sue you for harassment.
- How to call when blocked number on iPhone?it may be for some reason that you have been blocked by a person, maybe because of a fight with your lover, or it may be because you accidentally let your baby play. however, sometimes you have an urgent need to inform that person but you cannot call or text because it is blocked. the following article will show you how to call when blocking numbers on iphone.
- Gears Tactics: A tactical but action-packed genredespite the familiar gears brand, gears tactics is not a third-person shooter but a calculated turn-based strategy game.
- Summary of popular network attacks todayfor attacks by exploiting vulnerabilities, hackers must be aware of security issues on the operating system or software and take advantage of this knowledge to exploit vulnerabilities.
- Summary of several ways to access blocked websitesto access the blocked website you can use some solutions such as change dns, edit host file, change ip address (vpn, socks, ssh), ... below is a guide to access blocked website details.
- Gears Tactics shows Microsoft's future strategy of making gamesgears tactics is the first game in the gears of war series to appear on pcs before the xbox and it shows microsoft's gaming strategy.
- The 4 most popular network attacks towards older people in 2018a statistic has shown that in recent years, cyber attacks tend to focus more on older users.
- How to Access Blocked Websitesthis tipsmake article teaches you how to open websites that are blocked in your region. a common reason websites are blocked is because of school or work regulations, or sometimes it's blocked by region, such as youtube videos.
- Qualcomm introduces a smart sound platform with Cortana promising to explodewhile alexa and google are battling aggressively for the top dominance in the smart speaker market, microsoft's cortana is lagging behind. this will change soon after qualcomm announced that it will launch a new smart audio platform, developed with microsoft.