In a Security Advisory released yesterday. Microsoft said that the Vulnerability is a remote code execution and exist in all Internet explorer versions from 6-11,
The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.
An attacker could take advantage of Compromised websites, websites that accept or host user-provided content or advertisements, emails, or Social networks, to trick user to visit a specially crafted content that could exploit the vulnerability. the attacker then could gain the same user rights as the current user and take complete control of the affected system.
Researchers at FireEye who had reported this vulnerability to Microsoft said that this zero-day bypasses both ASLR and DEP protections.
Threat actors are actively using this exploit in an ongoing campaign which we they named “Operation Clandestine Fox.” The exploit leverages a previously unknown use-after-free vulnerability, and uses a well-known Flash exploitation technique to achieve arbitrary memory access and bypass Windows’ ASLR and DEP protections. this is a significant zero day as the vulnerable versions represent about a quarter of the total browser market.
Microsoft is currently working on a fix for this vulnerability, however Windows XP users are advised to roll on to latest operating system or to avoid using Internet Explorer as they will not be provided with any security patches.