A user's PC visiting a compromised site can be attacked exploiting the IE Exploit (961051) hole along with several other security vulnerabilities. Symantec warned that if the user's PC is successfully exploited, the hacker drops various malicious code onto the exploited system such as Downloader and Infostealer.Gamler.
Microsoft said the security hole was caused by an invalid pointer reference in Internet Explorer, which could enable a hacker to access memory on the PC, which is used by the browser. This memory could be used to install a remote application. Microsoft said a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs view, change, or delete data or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
The Microsoft Malware Protection Center blog reported that since the vulnerability went live, roughly 0.2% of users worldwide may have been exposed to websites containing exploits of the latest IE vulnerability. It warned, "That percentage may seem low, however it still means that a significant number of users have been affected. The trend for now is going upwards: we saw an increase of over 50% in the number of reports today compared to yesterday." According to Symantec, users in Asia were most affected by the vulnerability.
The MS08-078 patch can be applied to versions of Internet Explorer from version 5.01 to Internet Explorer 8 Beta 2.
Microsoft urged users to apply this update after applying the most recent cumulative security update for Internet Explorer. The update, MS08-078, will be included in a future cumulative security update for Internet Explorer, it said.