AfterDawn: Tech news

'New' Internet Explorer zero-day has been exploited for three months

Written by Andre Yoskowitz @ 30 Sep 2013 9:41

Reports are coming in this week that Microsoft's Internet Explorer zero-day (CVE-2013-3893), which remains unpatched, has been exploited for at least three months now.
Microsoft first acknowledged the vulnerability earlier this month and has issued one of its "Fix It" tools to help contain the danger until a full patch is released.

Researchers at FireEye say the attacks can be tied to a Chinese hacking group and have been aimed at Japanese organizations.

Says researcher Alex Watson of Websense: "Our ThreatSeeker Intelligence Cloud reported a potential victim organization in Taiwan attempting to communicate with the associated malicious command and control server as far back as July 1, 2013. These C&C communications predate the widely-reported first use of this attack infrastructure by more than six weeks, and indicate that the attacks from this threat actor are not just limited to Japan."

"Websense Threat Intelligence indicates that the threat actor's attacks were not limited only to Japan as previously reported. The use of separate IP addresses, domain registrations, and permutations to dropper locations indicates a high degree of segmentation between attacks and different teams using the same tool sets, exploits and C&C infrastructure."

Visitors using IE 8 or 9, on Windows XP or 7, were being redirected to the exploit page and served with a malicious file.


2 user comments

11.10.2013 14:28

As an IT person, I tell people to just stay away from IE entirely!

Use FF or Chrome.......Hell...........USE OPERA even but STAY THE F AWAY FROM IE!

24.10.2013 06:22

Agreed. I build my own machines; I refuse to use Internet Explorer or use Microsoft's security patches for it.

If you notice, the same security update for Internet Explorer 7/8/9 pops up in Windows Update not once, not twice, but 5 times, so if the first patch didn't work, what makes you think the 5th one will?
