Microsoft IE mshtml!CButton Object Use-After-Free Code Execution Vulnerability

Source: Internet
Author: User

Release date:
Updated on:

Affected Systems:
Microsoft Internet Explorer 8.x
Microsoft Internet Explorer 7.x
Microsoft Internet Explorer 6.x
Unaffected Systems:
Microsoft Internet Explorer 9.x
Microsoft Internet Explorer 10.x
Description:
--------------------------------------------------------------------------------
Bugtraq ID: 57070
CVE ID: CVE-2012-4792
 
Microsoft Internet Explorer is a Web browser launched by Microsoft.
 
Internet Explorer has a use-after-free vulnerability in the way mshtml handles CButton objects. A remote attacker can exploit this vulnerability by tricking a user into viewing malicious webpage content, executing arbitrary code and taking control of the user's system.
 

<* Link: http://blog.fireeye.com/research/2012/12/council-foreign-relations-water-hole-attack-details.html
http://eromang.zataz.com/2012/12/29/attack-and-ie-0day-informations-used-against-council-on-foreign-relations/
http://secunia.com/advisories/51695/
http://technet.microsoft.com/security/advisory/2794220
http://technet.microsoft.com/security/bulletin/ms13-008
*>

Suggestion:
--------------------------------------------------------------------------------
Temporary solution:
 
If you cannot install or upgrade the patch immediately, NSFOCUS recommends that you take the following measures to reduce the threat:
 
* Before the vendor patch is released, we recommend temporarily switching to a browser that does not use the IE engine, such as Firefox or Chrome.
 
* Upgrade IE to version 9 or 10, because these two versions are not affected by this vulnerability.
 
* The following protection measures can be taken for IE 6, 7, and 8 browsers:
 
Use the vendor-provided Enhanced Mitigation Experience Toolkit (EMET). This method effectively blocks exploitation and does not affect normal website access.

EMET is a utility that helps prevent software vulnerabilities from being exploited.
Download EMET from the following URL:
http://go.microsoft.com/fwlink?LinkID=200220&clcid=0x409

Run EMET after installation. Click "Configure Apps", then click "Add" in the dialog box, browse to the IE installation directory (usually C:\Program Files\Internet Explorer\), select iexplore.exe and click "Open". IE is added to the list of protected applications. Click "OK"; if IE is running, restart it.
 
You can add other applications to EMET protection in the same way.
 
Vendor patch:
 
Microsoft
---------
Microsoft has released Security Bulletin MS13-008 to fix this vulnerability. IE users are advised to install the patch through automatic updates or by downloading it manually:
 
http://technet.microsoft.com/security/bulletin/ms13-008
