The FireEye researchers wrote:Microsoft is aware of the attacks and is investigating the issue. The software giant recommends customers to upgrade to Internet Explorer 11 to mitigate the issue.
The attackers, who appear to be the same ones behind at least two other recent zero-day attacks, were able to exploit the underlying "use after free" bug in a way that modified memory at a specified address. That allowed them to bypass address space layout randomization (ASLR), a technique for minimizing the damage exploits can have by randomizing the memory locations where objects are loaded. By preventing attackers from knowing where in memory their malicious code will reside, ASLR greatly reduces the chances an exploit will succeed. The attackers behind this most recent exploit were able to modify arbitrary memory addresses, allowing them to bypass the ASLR protection.
IE 9/10 zero-day bug exploited in the wild
Posted on Friday, February 14 2014 @ 13:23 CET by Thomas De Maesschalck