Google Researchers IE 8 Bug Flaw Find Confirmed

Published: 22/11/2024   Category: security




US-CERT warns of critical use-after-free browser flaw



A bug in Internet Explorer 8 discovered by a Google researcher has been confirmed by another research firm and is now being reported by US-CERT. The so-called use-after-free bug can be used by an attacker to crash the browser or take over the victim's system.
The use-after-free vulnerability is triggered when handling circular memory references, according to the US-CERT alert posted today. The bug resides in the mshtml.dll library.
Google's Michal Zalewski discovered the bug while testing a fuzzer tool, cross_fuzz, that he had written for browsers and had released on Jan. 1. That is when he discovered that an accidental online leak of the fuzzer's whereabouts showed third parties in China apparently also knew about an unpatched and exploitable bug he had found in IE with the fuzzer. The leak occurred when one of cross_fuzz's developers, who was working on crashes in the open-source WebKit browser engine used in Chrome and Safari, inadvertently included the address of the fuzzer in one of the crash traces that was uploaded. That caused the fuzzer's directory, as well as the IE test results from the fuzzer, to be indexed by GoogleBot, he says.
Zalewski saw that an IP address in China queried keywords included in one of the indexed cross_fuzz files -- specifically two DLL functions associated with and unique to the zero-day IE flaw he found with the fuzzer -- now revealed as the use-after-free bug.
Researchers at VUPEN Security have tested and confirmed that the flaw exists in IE 8 running on XP SP3. It also affects Windows 7, Windows Server 2008 SP2, Windows Server 2008 R2, Vista Service Pack 2, Windows Server 2003 Service Pack 2, and Windows XP Service Pack 3.
VUPEN rated the flaw as critical. "This issue is caused by a use-after-free error within the mshtml.dll library when handling circular references between JScript objects and Document Object Model (DOM) objects, which could allow remote attackers to execute arbitrary code via a specially crafted web page," according to VUPEN.
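The bug class VUPEN describes, reference counting that goes wrong around objects which refer to each other, as an added illustration in C. This is not code from the article, from US-CERT, from VUPEN or from any browser engine, and it is not an account of the specific mshtml.dll defect: it models the generic mechanism. A reference-counted "DOM-style" node is used by a dispatch routine while a handler drops the document's reference to it; the unsafe version touches the object after its last reference is gone, the safe version holds its own reference across the call. A second pair of functions shows why a cycle between a "DOM" node and a "script" node is never freed by reference counting alone and needs an explicit break. Objects live in a small static pool with a `freed` flag so the dangling state can be inspected without real undefined behaviour; all names (`Node`, `node_retain`, `dispatch_safe`, and so on) are constructed for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model of a reference-counted node. Objects live in a static
 * pool so a "freed" slot can still be inspected; on a real heap the memory
 * would be handed to the next allocation instead, which is what makes a
 * use-after-free exploitable rather than merely a crash. */
#define POOL_SIZE 4

typedef struct Node {
    int refcount;
    bool freed;          /* set when the last reference is dropped */
    struct Node *peer;   /* strong reference to another node; may form a cycle */
    int value;
} Node;

static Node pool[POOL_SIZE];
static int next_slot;

static Node *node_new(int value) {
    Node *n = &pool[next_slot++ % POOL_SIZE];
    n->refcount = 1;     /* the creator holds the first reference */
    n->freed = false;
    n->peer = NULL;
    n->value = value;
    return n;
}

static void node_retain(Node *n) { n->refcount++; }

static void node_release(Node *n) {
    if (--n->refcount == 0) {
        Node *p = n->peer;
        n->peer = NULL;
        n->freed = true;          /* stands in for free() */
        if (p) node_release(p);   /* drop the outgoing reference we owned */
    }
}

/* A handler that detaches the node from its document while the caller is
 * still working with that node: the shape of this bug class. */
typedef struct { Node **doc_slot; } Handler;

static void handler_detach(Handler *h) {
    Node *n = *h->doc_slot;
    *h->doc_slot = NULL;
    node_release(n);              /* may be the last reference */
}

/* Unsafe: relies on the document's reference staying alive across the call.
 * Returns true if the object was already freed when it was read. */
static bool dispatch_unsafe(Node *n, Handler *h) {
    handler_detach(h);
    if (n->freed) return true;    /* on a real heap this read is the UAF */
    return n->value < 0;          /* pretend to use the node */
}

/* Safe: the caller takes its own reference for the duration of the call,
 * so the object cannot disappear underneath it. */
static bool dispatch_safe(Node *n, Handler *h) {
    node_retain(n);
    handler_detach(h);
    bool touched_freed = n->freed;
    node_release(n);              /* freed here, after the last use */
    return touched_freed;
}

static bool scenario_unsafe(void) {
    Node *doc_ref = node_new(1);          /* document owns the node */
    Handler h = { &doc_ref };
    return dispatch_unsafe(doc_ref, &h);  /* true: handler freed it under us */
}

static bool scenario_safe(void) {
    Node *doc_ref = node_new(2);
    Handler h = { &doc_ref };
    return dispatch_safe(doc_ref, &h);    /* false: no dangling access */
}

/* Two nodes that reference each other survive the release of every external
 * reference: reference counting alone cannot collect a cycle. */
static bool cycle_survives_release(void) {
    Node *dom = node_new(3), *script = node_new(4);
    dom->peer = script; node_retain(script);
    script->peer = dom; node_retain(dom);
    node_release(dom); node_release(script);
    return !dom->freed && !script->freed;
}

/* Breaking one edge of the cycle explicitly lets both objects be freed. */
static bool cycle_freed_after_break(void) {
    Node *dom = node_new(5), *script = node_new(6);
    dom->peer = script; node_retain(script);
    script->peer = dom; node_retain(dom);
    node_release(dom); node_release(script);
    Node *p = dom->peer; dom->peer = NULL; node_release(p);
    return dom->freed && script->freed;
}

int main(void) {
    printf("unsafe dispatch touched freed object: %d\n", scenario_unsafe());
    printf("safe dispatch touched freed object:   %d\n", scenario_safe());
    printf("cycle survives external release:      %d\n", cycle_survives_release());
    printf("cycle freed after explicit break:     %d\n", cycle_freed_after_break());
    return 0;
}
```

The two halves show the two places such engines have to get reference counting right: every caller that runs script while holding a pointer must own a reference across that call, and cycles between script wrappers and DOM nodes must be broken by explicit teardown logic, which is exactly the kind of code where a mismatch between "object reachable from script" and "object still allocated" turns into a use-after-free.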
There is no workaround or patch for the flaw as yet. Microsoft says it is investigating it. On January 1, 2011, Microsoft confirmed that the issue was a potentially exploitable vulnerability. "We are currently not aware of any reliable proof of concept code that would indicate attackers have determined how to exploit this issue," says Jerry Bryant, group manager for response communications at Microsoft.
