Internet Explorer Zero Day Report

by Josef Weiss
May 6, 2014

The latest zero-day Internet Explorer vulnerability leaves organizations open to new attacks using remote execution exploits. How vulnerable is your organization? With this report, SecurityCenter customers can better analyze risk and create remediation strategies.

This report is comprised of five chapters focusing on the risk of using Internet Explorer. The report identifies the version of Internet Explorer in use, and summarizes the vulnerabilities found within Internet Explorer or Java and Flash when installed on Windows. The report also shows a summary of systems running Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), a tool for mitigating security vulnerabilities in Windows applications.

The report and its components are available in the SecurityCenter Feed, an app store of dashboards, reports, and assets.  The report requirements are:

  • SecurityCenter 4.8
  • Nessus 5.2.6
  • LCE 4.2.2

Chapters

Executive Summary - The Executive Summary chapter provides a summary of the remaining chapters, and is a mirror copy of the dashboard. This chapter is comprised of a series of matrices, charts, and summary tables to provide a high-level view into the risk exposure of using Microsoft Internet Explorer.

Internet Explorer Version Detection - The Internet Explorer Version Detection chapter provides a detailed summary of all networks and hosts running Internet Explorer. For each version of Internet Explorer there is a separate section, beginning with most current version 11, and stopping with version 3. Each section contains a bar chart and table, showing the network summary and a vulnerability detailed report. The vulnerability detail shows the plugins used to identify the Internet Explorer version and an IP address list of each host with vulnerability.

Internet Explorer Could Allow Remote Code Execution - The Internet Explorer Could Allow Remote Code Execution Chapter provides the detection methods used to identify systems with are vulnerable to zero day attack. The systems identification methods include active and passive scanning, and log correlation events. A separate section is available for each detection method. Each section contains a bar chart and table, showing the network summary and a vulnerability detailed report. The vulnerability detail shows the plugins used to identify the Internet Explorer vulnerabilities and an IP address list of each affected host.

Enhanced Mitigation Experience Toolkit (EMET)  - The Enhanced Mitigation Experience Toolkit (EMET) chapter provides a list of all systems that are configured with the Microsoft Enhanced Mitigation Experience Toolkit (EMET). There are four sections that outline the current configurations and log events.

Internet Explorer Related Vulnerabilities - The Internet Explorer Related Vulnerabilities chapter provides a detailed summary of vulnerabilities that are impacted by Internet Explorer. The details of vulnerabilities in Toolbars, ActiveX, Java, and Flash are reported. Additional information on Internet Explorer Autoruns is covered in a section.