We at SpiderLabs investigate many suspicious webpages on a daily basis. Occasionally we run into something that seems new and unfamiliar to us, which is generally when things become interesting.
A recent discovery of ours began just like that and ended with our identification of an Internet Explorer 8 vulnerability being actively exploited in the wild. Through collaboration with the Microsoft Security Response Center (MSRC) Team we confirmed that the new zero- day (CVE-2013-3897) has been in the wild for a month (the new CVE-2013-3897 and the previous zero-day CVE-2013-3893). The patch was just released today, and users need time to install it. So we can’t reveal the full technical analysis of this vulnerability yet, but we can share some interesting details about the attack.