ESET spots ‘Unicorn bug’ in action

29th November 2014 | By Mouseworld Now Correspondent |

ESET-LOGOBengaluru, India ā€“ November 28TH , 2014: ESET, a leading company in proactive protection space has alerted Internet Explorer users on the latest patch of a Microsoft Internet Explorer vulnerability allowing remote code execution, which had lain undiscovered for almost 20 years, has prompted significant interest among cyber-attackers.

Earlier this week ESET researchers spotted the first proof-of-concept showing the CVE-2014-6332 vulnerability, or ‘Unicorn Bug’, in action.

Following original research by a Chinese researcher, the proof-of-concept shows that by using this vulnerability attackers can run arbitrary code on any remote machine and, moreover, bypass various anti-exploitation tools. The same Chinese researcher also found out that arbitrary code could also run on a machine with unpatched Internet Explorer that visit a specially crafted website. ESET researchers started looking for such websites.

“It was only a matter of time before we started seeing this vulnerability actively used as part of a cybercriminal campaign. Scouring our data, we found several blocked exploitation attempts while our users were browsing a major Bulgarian website. As you might have guessed, the compromised website was using CVE-2014-6332 to install malware on the computers of its unsuspecting visitors,” explain ESET researchers on

The website in question, a news site ranked among the top 50 websites in Bulgaria, has only one compromised page -about TV reality show winners. The exploit, detected by ESET as Win32/Exploit.CVE-2014-6332.A, consists of two different payloads – the first a series of commands; the second a PowerShell to download a binary payload, both with the same content.

Tags: , , , ,

Leave your comment

IMPORTANT! To be able to proceed, you need to solve the following simple math

What is 12 + 4 ?
Please leave these two fields as-is:

Mouseworldnow Videos
  • r chandrashekhar president nasscom
  • Anant Maheshwari, President, Microsoft India
  • Suresh_Vaswani-220 by 220

Channel News

  • Rashi Peripherals Kick-Starts SI Training Program For Partners more...
  • Toshiba Sends its Storage Partners to Bali Under its Foreign Trip Scheme more...
  • Cloudera Awards Top APAC Partners at annual Partner Summit more...
  • Rashi Peripherals Bags Indywood IT Excellence Award more...
  • Rashi Peripherals Conducts Multi-City Enterprise Partner Meet more...
Subscribe via email

Enter your email address:

What does the mouse ask?

Will the spurt in online video advertisement steal the twinkle from the TV ad platform?

View Results

Loading ... Loading ...
Newsletter Registration