AfterDawn: Tech news

Unknown Internet Explorer bug exploited in attacks

Written by James Delahunty (Google+) @ 03 Nov 2010 22:22 User comments (4)

Unknown Internet Explorer bug exploited in attacks A previously unknown Internet Explorer bug has been used in target attacked online, security researchers warned today.
An unidentified website has been breached by the unknown attackers, who injected code that can exploit a flaw in the Internet Explorer browser. The perpetrators sent e-mails to selected individuals who were part of targeted organizations, luring them to the hacked webpage.

If the user was running Internet Explorer 6, or Internet Explorer 7, they may have been infected with a backdoor trojan. No user intervention would have been required for the malware to be delivered if the flaw was exploted successfully. Internet Explorer 8 "might" be technically vulnerable to the flaw, but the browser's built-in Data Execution Protection (DEP) would cause the webpage to crash instead.

"Looking at the log files from this exploited server we know that the malware author had targeted more than a few organizations," Symantec reported. "The files on this server had been accessed by people in lots of organizations in multiple industries across the globe."

The flaw lies in IE's handing of Cascading Style Sheets. The browser under-allocates memory, allowing data to be overwritten in memory vtable pointers. This can allow an attacker to inject code and execute it.

Microsoft has not said when a patch will be made available for the flaw but it is not likely to be released out of cycle due to it being ineffective with Internet Explorer 8. For those running IE6 or IE7 who cannot update for any particular reason, there is always the Enhanced Mitigation Experience Toolkit (EMET) provided by Microsoft to help IT Professionals protect systems from common threats. EMET works by applying security mitigation technologies to arbitrary applications to block against exploitation through common attack vectors.

Previous Next  

4 user comments

13.11.2010 23:29

People need to upgrade from those old versions of explore. I thought Microsoft would have dropped support for explorer 6 by now.

24.11.2010 9:33

The internet is a jungle these days.

34.11.2010 12:24

Didn't they have a funeral for IE a little back? I forgot what version...


Peace!

44.11.2010 16:36

I like how they give details on exactly how the virus works, then refuse to release a patch.

Comments have been disabled for this article.

News archive