Microsoft Windows IE Memory Corruption

September 30, 2013

Microsoft has released an advisory addressing CVE-2013-3893 on Sept 17, 2013. This vulnerability found in Microsoft Internet Explorer affects Internet Explorer versions 8 and 9 and is being used in the wild by cyber-criminals. The issue could potentially affect all supported IE versions.

It has been observed that the vulnerable event handler has been used in a JavaScript file in an Adobe Flash Tool, and the JavaScript file was manipulated by hackers. However, we didn't confirm which vulnerability the manipulated JavaScript is exploiting as the target server has stopped serving the final malicious code. The following image shows the manipulated JavaScript file:


A hacker can load the mentioned JavaScript file:


Dell SonicWALL Threat team has researched this vulnerability and released the following IPS signature:

  • 7377 Windows IE Memory Corruption Vulnerability

Dell SonicWALL has updated information on Sept 26, 2013 for this vulnerability as below.