Microsoft has published a Security Advisory (“Vulnerability in Internet Explorer Could Allow Remote Code Execution”) that discloses a new critical vulnerability in all versions of Microsoft Internet Explorer, CVE-2013-3893 https://technet.microsoft.com/en-us/security/advisory/2887505. This vulnerability has been seen in the wild exploited in targeted attacks and could be used by web-based attacks/ drive-by downloads and malicious advertisements known as malvertisements. This vulnerability also bypasses ASLR (Address Space Layout Randomization) protections that had been built into newer versions of IE as mitigating protections.
In response to this advisory, Palo Alto Networks has released an emergency content update (version 394) that provides detection of attempted exploitation of CVE-2013-3893:
Severity: Critical
ID: 36128
Attack Name: Microsoft Internet Explorer Use After Free Vulnerability
CVE ID: CVE-2013-3893
Palo Alto Networks customers with a Threat Prevention subscription are advised to verify that they are running the latest content version on their devices. If you have any questions about coverage for this advisory, please contact Support.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.