10
CVSSv2

CVE-2014-1776

Published: 27/04/2014 Updated: 12/10/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 892
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks."

Vulnerability Trend

Affected Products

Vendor Product Versions
MicrosoftInternet Explorer6, 7, 8, 9, 10, 11

Github Repositories

VirusTotal Maltego Transforms @author: Steven Weinstein @dayjob: Malware Researcher @ Lookingglass (lgscoutcom) Copyright (c) 2014, Lookingglass Cyber Solutions, Inc This file is subject to the terms and conditions of the BSD License See the file LICENSE in the main directory for details Scope This document describes each Maltego transform designed to use the VirusTota

APT & CyberCriminal Campaign Collection This is a collection of APT and CyberCriminal campaigns Please fire issue to me if any lost APT/Malware events/campaigns 🀷The password of malware samples could be 'virus' or 'infected' URL to PDF Tool Print Friendly & PDF Reference Resources kbandla APTnotes Florian Roth - APT Groups Attack Wiki

APT & CyberCriminal Campaign Collection This is a collection of APT and CyberCriminal campaigns Please fire issue to me if any lost APT/Malware events/campaigns 🀷The password of malware samples could be 'virus' or 'infected' Reference Resources kbandla APTnotes Florian Roth - APT Groups Attack Wiki threat-INTel targetedthreats Raw Threat Intel

APT & CyberCriminal Campaign Collection This is a collection of APT and CyberCriminal campaigns Please fire issue to me if any lost APT/Malware events/campaigns 🀷The password of malware samples could be 'virus' or 'infected' URL to PDF Tool Print Friendly & PDF Reference Resources kbandla APTnotes Florian Roth - APT Groups Attack Wiki

β–ˆβ–ˆβ•— β–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ•— β–ˆβ–ˆβ•—β–ˆβ–ˆβ•— β–ˆβ–ˆβ•‘ β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β•β•β•β•β•β–ˆβ–ˆβ•‘ β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•—β–ˆβ–ˆβ•”β•β•β•β•β•β–ˆβ–ˆβ•‘ β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•‘ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•‘β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ•‘ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•”β•β–ˆβ–ˆβ–ˆβ–ˆ

Recent Articles

Buckeye: Espionage Outfit Used Equation Group Tools Prior to Shadow Brokers Leak
Symantec Threat Intelligence Blog β€’ Security Response Attack Investigation Team β€’ 06 May 2019

Windows zero day was exploited by Buckeye alongside Equation Group tools during 2016 attacks. Exploit and tools continued to be used after Buckeye's apparent disappearance in 2017.

Posted: 6 May, 20198 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinBuckeye: Espionage Outfit Used Equation Group Tools Prior to Shadow Brokers LeakWindows zero day was exploited by Buckeye alongside Equation Group tools during 2016 attacks. Exploit and tools continued to be used after Buckeye's apparent disappearance in 2017.Key Findings


The Buckeye attack group was using Equation Group tools ...

Sednit espionage group now using custom exploit kit From Spear-Phishing Emails… …to custom Exploit Kit Payload Conclusion Indicators of compromise Hashes
welivesecurity β€’ ESET Research β€’ 08 Oct 2014

For at least five years the Sednit group has been relentlessly attacking various institutions, most notably in Eastern Europe. The group used several advanced pieces of malware for these targeted attacks, in particular the one we named Win32/Sednit, also known as Sofacy.
We recently came across cases of legitimate financial websites being redirected to a custom exploit kit. Based on our research and on some information provided by the Google Security Team, we were able to establish that it...

Microsoft rushes out Internet Explorer fix – even for XP machines
welivesecurity β€’ Rob Waugh β€’ 02 May 2014

Microsoft rushed out an emergency security fix for Internet Explorer, to fix a flaw which hackers had already exploited – although the tech giant said the actual number of attacks using the bug, which affected IE versions 6 to 11 was β€œvery small”. The big surprise for many, though, was that the patch also updated Windows XP – which officially β€œretired” on April 8.
Describing this as an β€œunexpected move”,Β Network World said that Microsoft had β€œlong held” that the dozen-...

Microsoft: You know we said NO MORE XP PATCHES? Well ...
The Register β€’ Neil McAllister in San Francisco β€’ 01 May 2014

IE vuln forces rethink on mercy bullet for elderly OS support

Microsoft has released patches for the latest critical security vulnerability plaguing Internet Explorer, including for Windows XP – despite months of claiming that it would never release another patch for the outdated OS past April 8 of this year.
According to a blog post by Microsoft's general manager of Trustworthy Computing, Adrienne Hall, Redmond only relented on its threat to leave XP users twisting in the wind because vulnerabilityΒ CVE-2014-1776 was disclosed so soon after the pa...

Windows XP Systems Also Get Out-of-Band IE Zero-Day Patch
Threatpost β€’ Michael Mimoso β€’ 01 May 2014

UPDATE – Microsoft announced it will release an out-of-band security update today to patch a zero-day vulnerability in Internet Explorer, and that the patch will also be made available for Windows XP machines through Automatic Update. At the same time, researchers said they are now seeing attacks specifically targeting XP users.
Microsoft no longer supports XP as of April 8, and that includes the development and availability of security updates. But the about-face today speaks to the ser...

Microsoft Updates Internet Explorer against Highly Targeted 0day Distributing Pirpi
Securelist β€’ Kurt Baumgartner β€’ 01 May 2014

The patch is up! Microsoft is pushing out an Out of Band (OOB) security update MS14-021 to address the recently disclosed Internet Explorer 0day exploit incidents involving a known, high end threat actor. Cheers to a quick response from such a large vendor on this issue!
The story goes like this. The week of the 20th, attackers known to send very well crafted emails to high value targets made an attempt to redirect folks’ browsers to sites hosting the IE 0day. The goal of the attacks was...

Researchers Find IE VGX Components Likely Exploited in Zero-Day Attacks
Threatpost β€’ Michael Mimoso β€’ 30 Apr 2014

UPDATE – Researchers at Websense said today they may have isolated two components within the VGX library that are being exploited by attackers targeting the latest Internet Explorer zero-day vulnerability.
By combing through millions of Windows crash reports sent via the Windows Error Reporting feature, researchers have discovered a spike in VGX.DLL crashes in two particular spots. Application crashes are indicators of exploit activity in some cases, and researchers believe that either o...

Microsoft Internet Explorer zero day flaw will be even worse for XP users
welivesecurity β€’ Rob Waugh β€’ 28 Apr 2014

This weekend Microsoft announced a serious vulnerability in its browser, Internet Explorer, a zero-day remote code execution hole, formally indexed as CVE-2014-1776. This vulnerability affects IE versions 6 through 11. You can read the details of the release from MicrosoftΒ here and also here. According to ESET security researcher Stephen Cobb, the safest response to this vulnerability is to use an alternative browser until IE is patched, regardless of which operating system you are using.
...

New Internet Explorer CVE-2014-1776 Zero Day Used in Targeted Attacks
Threatpost β€’ Dennis Fisher β€’ 28 Apr 2014

There’s a new zero-day vulnerability in many of the current versions of Internet Explorer and is being used in active attacks right now. The exploit that’s in use has the ability to bypass both DEP and ASLR and researchers say it’s being used by a known APT group.
Microsoft has issued an advisory about the CVE-2014-1776 IE vulnerability, and said it is aware of some targeted attacks using the exploit. The flaw is a use-after-free vulnerability in the browser, and Microsoft officials ...

Friends don't let friends use Internet Explorer – advice from US, UK, EU
The Register β€’ Simon Sharwood β€’ 27 Apr 2014

IE 6 to 11 at risk of hijacking, patch coming – but not for XP

Microsoft has warned of a new security flaw in all versions of its Internet Explorer web browser for Windows PCs. A patch has yet to be released for the crocked code.
Vulnerability CVE-2014-1776, to give the problem its formal name, allows miscreants to hijack at-risk Windows computers. It's all due to β€œthe way Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated”, the software giant explained on Saturday.
The flaw means the brow...