Trend Micro releases mitigation rules for IE flaw

Security specialist fills void as Microsoft continues work on patch

Tags: Cyber crimeTrend Micro IncorporatedUSA
  • E-Mail
Trend Micro releases mitigation rules for IE flaw Trend Micro said its new rules would also help XP users, but advised migration, where possible.
By  Stephen McBride Published  May 5, 2014

Cyber security specialist Trend Micro Inc today announced the availability of mitigation features in its products for the recently found flaw in Microsoft Internet Explorer.

The flaw is present in versions 6 to 11 of Microsoft's browser (although Trend Micro said attacks have only been detected in versions 9 to 11) and can be exploited when Flash objects imbedded in a compromised website are executed by the browser. The objects can then be used to bypass Data Execution Prevention (DEP) and Address Space Layout Randomisation (ASLR) protections on the target system. Worst case scenarios include complete admin rights being ceded to attackers.

The US and UK governments issued rare advisories urging users to switch to alternative browsers until Microsoft issues a patch, but regional experts previously told that while this may be a trivial decision for individual users, many enterprises may use Web-based applications that require IE to run properly.

Trend Micro has an alternative for those users tied to IE or to Windows XP, as the legacy system is out of support with Microsoft and is not currently expected to receive a patch. Trend has released two deep packet inspection (DPI) rules for users of its Deep Security and OfficeScan Intrusion Defense Firewall (IDF) products.

The first rule addresses the IE flaw itself, which is referred to as the Microsoft Internet Explorer Remote Code Execution Vulnerability. The second is a generic VML file blocker.

Continues on next page>>

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code