As Microsoft pushes out two Patch Tuesday security updates for Windows and Office Excel, the company warns that attackers are targeting a vulnerability in Internet Explorer that can be used to hijack machines.
Microsoft issued a warning March 9 for Internet Explorer users as the company pushed out its monthly round of patches to cover security holes in Windows and Microsoft Office Excel.
In an advisory, the company warned that a new vulnerability was being targeted in attacks against Internet Explorer 6 and 7. IE 8 is not believed to be affected. According to Microsoft, the vulnerability is due to an invalid pointer reference being used within IE and can be exploited by tricking users into visiting a malicious or compromised Web page.
"At this time, we are
aware of targeted attacks attempting to use this vulnerability ... Based on our
investigation, setting the Internet zone security setting to High will protect
users from the issue described in this advisory," the company stated.
Besides changing the
Internet zone settings, users can also modify the access control list on
iepeers.dll. Instructions are contained within the advisory.
In addition to the advisory, Microsoft released two security bulletins March 9 for Patch Tuesday. The bulletins fix eight vulnerabilities affecting Windows and Office. Both security bulletins are rated important, the company's second-highest designation, and both were given an exploitability index rating of 1, meaning development of successful attack code relating to the vulnerabilities they fix is likely.
MS10-016 addresses a vulnerability in Windows Movie Maker and Microsoft Producer 2003 that could allow an attacker to remotely execute code if a victim opens a specially crafted Movie Maker or Producer file. Windows Live Movie Maker, which is available for Windows Vista and Windows 7, is not affected by this vulnerability.
The second bulletin, MS10-017, addresses seven vulnerabilities that impact all supported versions of Microsoft Office Excel.
"MS10-017 should be
addressed first on your network," Jason Miller, data and security team leader
at Shavlik Technologies, said in an e-mail. "Microsoft Excel attachments
are as common as Meryl Streep nominations at the Oscars [and] opening a
malicious Excel document could lead to remote code execution."
It is important to note that
MS10-016 affects Microsoft Producer 2003, he added, and that rather than
provide a patch, Microsoft is suggesting administrators remove the affected
component from their machines.
"This is a great example of why
administrators should take time each month and research the information
associated with each bulletin," Miller said. "Simply blindly pushing
out patches does not necessarily make your network secure."