Warning over using Internet Explorer from German Government as exploit goes public
The BSI says (German language link) that while running Internet Explorer in "protected mode" and disabling the Active Scripting feature makes attacks less likely to succeed, it doesn't prevent them completely. According to earlier reports, the hole in IE versions 6, 7 and 8 was exploited for a targeted attack against Google, Adobe and numerous other US firms and is believed to have been launched by Chinese cyber spies. The hole, which has now been officially confirmed by Microsoft, allows attackers to inject and execute code on a Windows computer via specially crafted web pages. The attackers reportedly took advantage of this to inject a trojan downloader into compromised computers.
The downloader then proceeded to retrieve further modules, including a back door that gave the attackers remote access to the computer over an SSL-encrypted connection. The links to the crafted web pages must have been sent in emails to selected employees of the targeted firms. Microsoft say they are working on a patch and may even release it as an out-of-cycle "emergency patch".
RELATED INFO:
0-Day Exploit Week Bonanza: IE8, Adobe Reader Flaws in the Wild
Copyright 2011. Site powered by Bitdefender