Symantec has reported the use of targeted attacks by hackers in a new zero-day vulnerability in the browser Internet Explorer . This vulnerability is still open, and the attackers who exploit it could run on the computers of victims of their own malicious code.
September 17, Microsoft announced a new zero-day vulnerability in the browser Internet Explorer (CVE-2013-3893). The report said that the vulnerability can lead to memory corruption, allowing attackers to run their own malicious code. During the attack force users to open a Web page that exploits the vulnerability using Internet Explorer. Microsoft also said that at the moment the vulnerability was used only in a small number of targeted attacks. While correcting this vulnerability is in development, Microsoft has provided a temporary tool to fix it.
According to the annual report of the Symantec Internet Security Threat in 2012, the volume of targeted attacks for the year rose more than 40%. This means that attackers are looking for new ways to get into the systems of their victims, including a zero-day vulnerabilities.