Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

IDP Signatures for Microsoft Internet Explorer Zero-day vulnerability (CVE-2010-0249)

0

0

Article ID: JSA10424 SECURITY_ADVISORIES Last Updated: 09 May 2013Version: 1.0
Legacy Advisory Id:
PSN-2010-01-639
Product Affected:
This issue affects all unpatched versions of Internet Explorer 5, 6, 7, and 8.
Problem:
A zero day vulnerability in Microsoft Internet Explorer has been made public. This issue has been assigned the Common Vulnerability and Exposure (CVE) identifier CVE-2010-0249. Refer to the Related Links section below for more details on this CVE vulnerability report.

Microsoft has also published Microsoft Security Advisory 979352, entitled "Vulnerability in Internet Explorer Could Allow Remote Code Execution," and Microsoft Security Bulletin MS10-002. Links to Microsoft's authoritative security advisory and bulletin are also listed below.
Solution:
The ultimate solution is to patch or update every affected version of Microsoft Internet Explorer. Since this may be impractical or take a significant amount of time, coupled with the fact that criminal exploitation of the Internet Explorer Zero-Day is currently rampant on the Internet, rapid mitigation techniques should be employed where ever possible.

Mitigation:
Juniper Networks has released two IDP signatures that can currently detect the exploitation of this vulnerability, although not the specific vulnerability itself. Please refer to the Juniper Networks Knowledge Base article KB16546 for details on how to obtain and apply this proven mitigation technique.
Severity Level:
Critical
Severity Assessment:
This vulnerability is considered Critical by Microsoft. In certain cases, the vulnerability could allow remote code execution if a user views a specially crafted Web page using Internet Explorer.

Related Links

Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search