All the latest UK technology news, reviews and analysis


Researchers warn of targeted Internet Explorer zero-day flaw

17 Sep 2012
Internet Explorer

Security experts are advising users to switch browsers following the discovery and exploit of a zero-day flaw in Internet Explorer.

Researcher Eric Romang said that the vulnerability was being targeted in the wild by a cybercrime group known as "Nitro gang" for malware infections. According to Romang, the vulnerability is being targeted via specially-crafted .swf file hosted on a server controlled by the criminals.

"I can confirm, the zero-day season is really not over yet," Romang said in a blog post.

"Less than three weeks after the discovery of the Java SE 7 0-day, potentially used by the Nitro gang in targeted attacks, a potential Microsoft Internet Explorer 7 and 8 zero-day is actually exploited in the wild."

According to Romang, the attack site actively screens users and only launches an attack when a 32-bit Windows XP system running Internet Explorer 7 or 8 is detected. Upon a successful attack the site redirects users and displays a different page.

For Microsoft, addressing the flaw would likely require an "out of band" update to be deployed ahead of the next scheduled security update on 9 October. While uncommon, the company does occasionally release the unscheduled updates to address critical vulnerabilities which are being actively targeted.

Microsoft Trustworthy Computing director Yunsun Wee said that the company was aware of the reports and is investigating the matter.

"We have confirmed that Internet Explorer 10 is not affected by this issue," Wee said in a statement provided to V3.

"We recommend customers deploy Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) 3.0, which provides effective protections without affecting the web browsing experience."

Meanwhile, security experts are advising users to re-think their choice of web browsers to mitigate the risk of attack.

"If you're still running IE7, 8 or 9, today is a good day to think about switching browsers for a couple of weeks," advised SANS researcher Rob VandenBrink.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Shaun Nichols
About

Shaun Nichols is the US correspondent for V3.co.uk. He has been with the company since 2006, originally joining as a news intern at the site's San Francisco offices.

More on Security
What do you think?
blog comments powered by Disqus
Poll

Green IT poll

How important is it to your business that a cloud provider uses renewable energy like solar or wind to power their data centres?
21%
6%
3%
2%
68%

Popular Threads

Powered by Disqus
Galaxy S5 vs Nexus 5 head to head review front

Galaxy S5 vs Nexus 5 video review

We compare Samsung and Google's top devices

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

QA Automation Python

QA Automation Python Linux TCP/IP. We are looking for...

C++ Linux Engineer

C++ Linux Engineers. We are looking for passionate...

.Net Windows or C++

Superb opportunity for developing software using...

ASP .NET Developer

ASP.NET Developer required with experience in developing...
To send to more than one email address, simply separate each address with a comma.