Internet Explorer Vulnerabilities

by Cody Dumont
April 30, 2014

The latest zero-day vulnerability in Internet Explorer leaves organizations open to new attacks that use remote code execution exploits. How vulnerable is your organization? With this dashboard, SecurityCenter customers can better analyze risk and create remediation strategies. Paul Asadoorian blogged about the zero-day earlier this week.

The dashboard and its components are available in the SecurityCenter Feed, an app store of dashboards, reports, and assets.  The dashboard requirements are:

  • SecurityCenter 4.8
  • Nessus 5.2.6
  • LCE 4.2.1
  • PVS 4.0.2

This dashboard comprises six components focusing on the risk of using Internet Explorer. The dashboard identifies the version of Internet Explorer in use, and summarizes the vulnerabilities found in Internet Explorer, and in Java and Flash when they are installed on Windows. The dashboard also shows a summary of systems running Microsoft's Enhanced Mitigation Experience Toolkit (EMET), a tool for mitigating security vulnerabilities in Windows applications.

To detect the version of Internet Explorer, this dashboard uses the Tenable products Nessus, PVS and LCE. The plugins that detect the version of Internet Explorer rely on either user agent string detection or registry values. The colors in the indicator are set according to the version of Internet Explorer: version 11 is white on green, version 10 is black on orange, versions 8 and 9 are white on red, and all other versions are white on purple. The color indicates the severity of risk associated with that version of Internet Explorer. Green and orange indicate lower risk; red and purple indicate higher risk. The final component displays a 90-day trend analysis of vulnerabilities within Internet Explorer. The trend graph calculates a data point every 24 hours to illustrate the daily trend over the 90-day period.
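The user agent detection and color banding described above can be sketched as follows. This is an added example, not Tenable's plugin logic: the function names, the sample hosts and the user agent strings are constructed for illustration, and the Trident-to-version mapping is the publicly documented one.

```python
import re

# Trident engine token -> real IE major version. This survives Compatibility
# View, where IE 8-11 report "MSIE 7.0" but keep their own Trident token.
TRIDENT_TO_IE = {"4.0": 8, "5.0": 9, "6.0": 10, "7.0": 11}
MSIE_RE = re.compile(r"\bMSIE (\d+)\.")
TRIDENT_RE = re.compile(r"\bTrident/(\d+\.\d+)")


def ie_version(user_agent):
    """Return the IE major version as an int, or None if the UA is not IE."""
    trident = TRIDENT_RE.search(user_agent)
    if trident and trident.group(1) in TRIDENT_TO_IE:
        return TRIDENT_TO_IE[trident.group(1)]  # IE 11 has no MSIE token at all
    msie = MSIE_RE.search(user_agent)
    if msie and "Opera" not in user_agent:      # old Opera builds spoofed MSIE
        return int(msie.group(1))
    return None


def color_band(version):
    """Map an IE major version to the indicator colors used by the dashboard."""
    if version == 11:
        return "white on green"
    if version == 10:
        return "black on orange"
    if version in (8, 9):
        return "white on red"
    return "white on purple"


def inventory(observations):
    """Build {host: (version, colors)} from (host, user_agent) pairs; skip non-IE."""
    result = {}
    for host, ua in observations:
        version = ie_version(ua)
        if version is not None:
            result[host] = (version, color_band(version))
    return result


# Constructed sample observations (documentation addresses, typical UA formats).
SAMPLE = [
    ("192.0.2.10", "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"),
    ("192.0.2.11", "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)"),
    ("192.0.2.12", "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/5.0)"),
    ("192.0.2.13", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"),
    ("192.0.2.15", "Mozilla/5.0 (Windows NT 6.1; rv:28.0) Gecko/20100101 Firefox/28.0"),
]

if __name__ == "__main__":
    for host, (version, colors) in sorted(inventory(SAMPLE).items()):
        print(f"{host}  IE {version}  {colors}")
```

The host at 192.0.2.12 shows why the Trident token is checked first: it announces MSIE 7.0 in Compatibility View but is actually Internet Explorer 9.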

The components included with this dashboard are:

  • Internet Explorer Vulnerabilities - Vulnerability Summary: This component displays a summary of vulnerabilities found within Internet Explorer, Java and Flash.
  • Internet Explorer Vulnerabilities - Exploitable Vulnerabilities: This table displays an IP address summary of systems with exploitable Internet Explorer vulnerabilities. 
  • Internet Explorer Vulnerabilities - IE Version Detection: This component detects the version of Internet Explorer, using the Tenable products Nessus, PVS and LCE.
  • Internet Explorer Vulnerabilities - Internet Explorer Could Allow Remote Code Execution:  This component displays systems vulnerable to the Microsoft Internet Explorer Zero Day vulnerability referenced in Microsoft Security Advisory 2963983.
  • Internet Explorer Vulnerabilities - Enhanced Mitigation Experience Toolkit (EMET): This component displays host counts of systems running Microsoft's Enhanced Mitigation Experience Toolkit (EMET), a tool for mitigating security vulnerabilities in Windows applications. 
  • Internet Explorer Vulnerabilities - IE Related Vulnerabilities: This component focuses on vulnerabilities related to Internet Explorer. 
  • Internet Explorer Vulnerabilities - 90 Day Vulnerability Trending: This component displays a 90-day trend analysis of vulnerabilities within Internet Explorer.