'New' Internet Explorer zero-day has been exploited for three months

Written by Andre Yoskowitz @ 30 Sep 2013 9:41 User comments (2)

Reports are coming in this week that Microsoft's Internet Explorer zero-day (CVE-2013-3893), which remains unpatched, has been exploited for at least three months now.

Microsoft first acknowledged the vulnerability earlier this month, and has issued one of their "Fix It" tools to help contain the dangers until a full patch is released.

Researchers at FireEye say the attacks can be tied to a Chinese hacking group and the attacks have been aimed at Japanese organizations.

Says researcher Alex Watson of Websense: "Our ThreatSeeker Intelligence Cloud reported a potential victim organization in Taiwan attempting to communicate with the associated malicious command and control server as far back as July 1, 2013. These C&C communications predate the widely-reported first use of this attack infrastructure by more than six weeks, and indicates that the attacks from this threat actor are not just limited to Japan."

"Websense Threat Intelligence indicates that the threat actor's attacks were not limited only to Japan as previously reported. The use of separate IP addresses, domain registrations, and permutations to dropper locations indicates a high degree of segmentation between attacks and different teams using the same tool sets, exploits and C&C infrastructure."

Visitors using IE 8 or 9, on Windows XP or 7, were being redirected to the exploit page and served with a malicious file.

Tags: security exploit Microsoft Internet Explorer

<Lenovo unveils Vibe Z, 1080p flagship phablet >Leaked documents confirm Sony Xperia Z1 Mini

2 user comments

11.10.2013 14:28

hearme0

Send private message to this user

Senior Member

As an IT person, I tell people to just stay away from IE entirely!

Use FF or Chrome.......Hell...........USE OPERA even but STAY THE F AWAY FROM IE!

24.10.2013 06:22

megadunderhead

Send private message to this user

Senior Member

agreed i build my own machines i refuse to use internet explorer or use microsoft's security patches for it.

Because:

if you notice the same security update for internet explorer 7/8/9 pops up in windows update not once not twice but 5 times so if the first patch didn't work what makes you think the 5 th one will

Comments have been disabled for this article.

	VLC hits milestone: over 5 billion downloads (16 Mar 2024 4:31) VLC Media Player, the versatile video-software powerhouse, has achieved a remarkable feat: it has been downloaded over 5 billion times. 2 user comments
	Sideloading apps to Android gets easier, as Google settles its lawsuit (19 Dec 2023 11:09) Google settled its lawsuit in September 2023, and one of the settlement terms was that the way applications are installed on Android from outside the Google Play Store must become simpler. In the future, installing APK files will be easier. 8 user comments
	Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets (06 Jun 2023 9:19) Roomba Combo j7+ is the very first Roomba model to combine robot vacuum with mopping features. And Roomba Combo j7+ does all that with a very clever trick, which tackles the problem with mopping and carpets. But is it any good? We found out.
	Neato, the robot vacuum company, ends its operations (02 May 2023 3:38) Neato Robotics has ceased its operations. American robot vacuum pioneer founded in 2005 has finally called it quits and company will cease its operations and sales. Only a skeleton crew will remain who will keep the servers running until 2028. 5 user comments
	How to Send Messages to Yourself on WhatsApp (20 Mar 2023 1:25) The world's most popular messaging platform, Meta-owned WhatsApp has enabled sending messages to yourself. While at first, this might seem like an odd feature, it can be very useful in a lot of situations. .... 18 user comments

	Guide: Is Your Wi-Fi Sluggish or Slow? Here's How to Fix Do you have problems with you Wi-Fi? Slow connection or is it cutting off constantly? This guide aims to remedy these problems. 1 user comment
	What IP rating for dust and water resistance means An IP classification (such as IP68) is given to mobile phones, Bluetooth speakers, and other devices, but what do these classifications mean? 1 user comment
	GUIDE: Wi-Fi speeds are slow? Here are some tips Having problems with Wi-Fi speed and stability at home? Here are some tips to follow to alleviate the issues. 1 user comment
	HOWTO: Install Netflix App on rooted Android device 'This app is no longer compatible with your device. Contact the developers for more info.' If you are getting this message from Google Play when trying to install Netflix, then maybe this little guide can help you.
	Windows 11: Check if TPM is enabled on your computer In this short guide we will look at how you can check the status of Trusted Platform Module (TPM) on your PC ahead of the coming launch of Windows 11.

'New' Internet Explorer zero-day has been exploited for three months

2 user comments

Latest news

Reviews

Guides

News archive

Subscribe

Sections:

Follow us:

	Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets Roomba Combo j7+ is the very first Roomba model to combine robot vacuum with mopping features. And Roomba Combo j7+ does all that with a very clever trick, which tackles the problem with mopping and carpets. But is it any good? We found out.
	Review: Samsung Jet Bot 90 AI+ - a high-end robot vacuum cleaner Samsung's Jet Bot 90 AI+ is a top-class robot vacuum cleaner that can avoid obstacles and empty its own dust container. Here we review the product. 1 user comment
	Samsung Jet Bot 80+ review - excellent robot vacuum cleaner We review Samsung's Jet Bot 80+ robot vacuum cleaner over a period of three months. 1 user comment