CVE-2013-3163 – Internet Explorer Vulnerability Exploited in the Wild

By Nofar Gueta | July 13, 2013

Over the past few days, Microsoft has received reports of an Internet Explorer memory corruption vulnerability being exploited in the wild. The exploit leveraging this vulnerability (CVE-2013-3163) manages to bypass both the ASLR and DEP protection mechanisms.

In this particular case, Microsoft has already published a security bulletin addressing this vulnerability as part of its monthly security update (Patch Tuesday). Despite that, it is very likely that this vulnerability is still being exploited, since the bulletin was issued just a few days ago. On top of that, there is no explicit information on how long this vulnerability was exploited before it was published.

Given the popularity of the exploited application, it is reasonable to assume that this kind of vulnerability could have caused considerable damage.

Tests performed by Cyvera Labs concluded that exploitation of the aforementioned vulnerabilities is successfully prevented by Cyvera TRAPS. Cyvera’s solution was developed to prevent exploitation of software vulnerabilities such as the aforementioned ones without any prior knowledge of the exploits, since its prevention ability is not based on known signatures or behaviors (unlike traditional solutions).