ESET: The Unicorn Bug is back in action
Eset has warned the Internet Explorer users about the latest bug in the Microsoft Internet Explorer. It is enabling remote code execution which further promotes cyber-attacks. The researchers of Eset have witnessed the first proof-of-concept showing the CVE-2014-6332 vulnerability, or ‘Unicorn Bug’, in action.
The original research conducted by a Chinese researcher, the proof-of-concept highlights that by using this vulnerability cyber criminals can run arbitrary code on any remote machine and can evade various anti-exploitation tools. The same Chinese researcher also noticed that an arbitrary code could also run on a computer with unpatched Internet Explorer, which visits a specially crafted website. ESET researchers started looking for such websites.
Explaining about the observation, ESET researcher stated, βIt was only a matter of time before we started seeing this vulnerability actively used as part of a cyber-criminal campaign. Scouring our data, we found several blocked exploitation attempts while our users were browsing a major Bulgarian website. As you might have guessed, the compromised website was using CVE-2014-6332 to install malware on the computers of its unsuspecting visitors.β