Trend Micro reported that senior threat researcher Joseph Reyes spotted several malicious script files that exploited vulnerabilities in both browsers. It identified one as JS_DIREKTSHO.B, which exploits a vulnerability in the Microsoft Video Streaming ActiveX control to download other possibly malicious files.
Meanwhile, JS_FOXFIR.A accesses a website to download JS_SHELLCODE.BV, which exploits a vulnerability in Firefox 3.5 to download WORM_KILLAV.AKN.
Trend Micro reported that initial analysis performed by threat analyst Jessa De La Torre shows that the scripts above may be unknowingly downloaded through either Firefox or Internet Explorer.
Mozilla claimed that a Firefox user suffered a crash that developers determined could result in an exploitable memory corruption problem. In certain cases after a return from a native function, the just-in-time compiler could get into a corrupt state. This could then be exploited by an attacker to run arbitrary code.
Meanwhile, Microsoft has said that it is aware of attacks attempting to exploit these vulnerabilities. It has advised customers to prevent the Office Web Components from running, either manually or automatically, using the solution found in Microsoft Knowledge Base Article 973472.
Symantec's Dominic Cook claimed that the exploit happens when a user visits a malicious website hosting JavaScript code that uses the Microsoft Office Web Components. Code on the website may cause vulnerable computers to execute the exploit, which may lead to a full compromise of the user's computer.
Symantec recommended maintaining an up-to-date browser and operating system, making sure your web browser and other applications are fully patched, and ensuring that your anti-virus and firewall software are running and up to date with the latest definition sets.
See original article on scmagazineuk.com
