Palo Alto Networks Identifies 21 New Critical Vulnerabilities in Internet Explorer

Today, Microsoft patched 59 Internet Explorer vulnerabilities, 21 of them discovered by Palo Alto Networks researchers. Palo Alto Networks is committed not only to detecting attacks but also to preventing them.

Our internal research team discovered each of these 21 vulnerabilities and reported them to Microsoft so they could begin building and testing patches. Microsoft has already credited our team with 14 previous IE vulnerabilities in 2014, bringing our total for the year up to 35. We want to acknowledge Palo Alto Networks researchers Bo Qu, Hui Gao, Royce Lu, Xin Ouyang and the entire IPS team for all of the hard work they’ve put into discovering and validating these vulnerabilities.

Here’s what you need to know:

  • All 21 vulnerabilities are rated Critical because they allow for code execution without user interaction.
  • The most likely attack vectors are drive-by downloads through compromised websites and spear-phishing e-mails that link to malicious web pages.
  • We have not detected exploitation of these vulnerabilities in the wild at this time, but our threat intelligence team is monitoring for changes in the environment.

The table below provides a summary of the vulnerabilities and which versions of Internet Explorer they impact.

CVE Identifier Title 6 7 8 9 10 11
CVE-2014-1766 Internet Explorer Memory Corruption Vulnerability X X X
CVE-2014-1775 Internet Explorer Memory Corruption Vulnerability X X X X X X
CVE-2014-1784 Internet Explorer Memory Corruption Vulnerability X X X
CVE-2014-1785 Internet Explorer Memory Corruption Vulnerability X
CVE-2014-1789 Internet Explorer Memory Corruption Vulnerability X
CVE-2014-1791 Internet Explorer Memory Corruption Vulnerability X X X X X
CVE-2014-1796 Internet Explorer Memory Corruption Vulnerability X X X X X
CVE-2014-1799 Internet Explorer Memory Corruption Vulnerability X X X X X X
CVE-2014-1802 Internet Explorer Memory Corruption Vulnerability X X
CVE-2014-1803 Internet Explorer Memory Corruption Vulnerability X X X X X X
CVE-2014-1804 Internet Explorer Memory Corruption Vulnerability X
CVE-2014-2755 Internet Explorer Memory Corruption Vulnerability X
CVE-2014-2756 Internet Explorer Memory Corruption Vulnerability X X
CVE-2014-2759 Internet Explorer Memory Corruption Vulnerability X X X
CVE-2014-2765 Internet Explorer Memory Corruption Vulnerability X X X
CVE-2014-2766 Internet Explorer Memory Corruption Vulnerability X X X
CVE-2014-2767 Internet Explorer Memory Corruption Vulnerability X X
CVE-2014-2768 Internet Explorer Memory Corruption Vulnerability X X X
CVE-2014-2769 Internet Explorer Memory Corruption Vulnerability X X
CVE-2014-2770 Internet Explorer Memory Corruption Vulnerability X
CVE-2014-2771 Internet Explorer Memory Corruption Vulnerability X X

Internet Explorer is used in many of the networks Palo Alto Networks protects around the world and we’re doing our part to make it as secure as possible. Last week we released a series of IPS signatures to detect an advanced exploitation technique that takes advantage of ActiveX. In May, we linked a recent IE 0-day (CVE-2014-1776) to exploit code used against two other IE vulnerabilities exploited in the last 12 months.

Microsoft patched 129 IE vulnerabilities in all of 2013, and today’s release brings the 2014 total to 116. The faster the good guys track these down and get them patched, the harder we make the lives of the criminals looking to exploit them.