Tuesday, January 19, 2010

New IE flaw exploited for attack on US firms

Attackers targeting Google and a host of other U.S. companies recently used software that exploits a new hole in Internet Explorer, Microsoft said on Thursday.

The flaw is an invalid pointer reference in IE. It could allow an attacker to take control of a computer if the target were duped into clicking a link in an e-mail or an instant message that led to a Web site hosting malware, Microsoft said. "It could also be possible to display specially crafted Web content using banner advertisements or other methods to deliver Web content to affected systems," Microsoft said in the statement.

Microsoft is working on a fix but could not say whether it would ship as part of its next Patch Tuesday release, scheduled for February 9, or earlier.

Keeping the IE Internet zone security setting on "high" will protect users from the vulnerability by prompting before running ActiveX Controls and Active Scripting, Microsoft said. Customers should also enable Data Execution Prevention (DEP), which helps mitigate online attacks, the company said. DEP is enabled by default in IE 8 but must be manually turned on in earlier versions.

McAfee CTO George Kurtz detailed the vulnerability in a blog post.

"As with most targeted attacks, the intruders gained access to an organization by sending a tailored attack to one or a few targeted individuals. We suspect these individuals were targeted because they likely had access to valuable intellectual property," Kurtz wrote. "These attacks will look like they come from a trusted source, leading the target to fall for the trap and clicking a link or file. That's when the exploitation takes place, using the vulnerability in Microsoft's Internet Explorer."

Once it is downloaded and installed, the malware opens a back door that allows the attacker to gain complete control over the compromised system and "perform reconnaissance," Kurtz said. "The attacker can now identify high value targets and start to siphon off valuable data from the company," he wrote.




Via [zdnetasia]

