All the latest UK technology news, reviews and analysis


Microsoft rushes out IE fix for watering hole exploit

02 Jan 2013
Internet Explorer

Microsoft has rushed out a fix for a zero-day flaw in some versions of its Internet Explorer (IE) browser, which attackers were using to deploy malware via compromised websites.

The flaw in IE8 and earlier versions allowed attackers to install malware when users visited infected web pages.

“The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer,” Microsoft warned in its security advisory note

“An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.”

According to security firm FireEye, attackers compromised US think tank the Council on Foreign Relations' website as early as 21 December.

Darien Kindlund, a security researcher at FireEye, said the choice of targets looks to have been carefully calculated.

“We can also confirm that the malicious content hosted on the website does appear to use Adobe Flash to generate a heap spray attack against Internet Explorer version 8.0 (fully patched), which was the source of the zero-day vulnerability,” he wrote on the company blog.

Kindlund added that the JavaScript hosting the exploit had some interesting features, which were used to tailor the attack. These include scanning the users' browser and only delivering the payload to users that had their operating system language set to either English (US), Chinese (China), Chinese (Taiwan), Japanese, Korean, or Russian.

This gave the attack the hallmarks of a so-called watering hole attack, when the cyber crooks look to target specific groups of people – in this case, those with an interest in US foreign policy.

Microsoft is continuing to investigate the attack.

Last year, Microsoft suffered a similar problem, with a bunch of crooks, dubbed the Nitro Gang, also using previously unknown flaws in older versions of Internet Explorer to deliver their own targeted malware.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
More on Security
What do you think?
blog comments powered by Disqus
Poll

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?
21%
13%
4%
22%
29%
11%

Popular Threads

Powered by Disqus
Sony Xperia Z2 Tablet powered by Android KitKat 4.4

Sony Xperia Z2 Tablet video

We take a look at the lightweight, waterproof tablet

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv33

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery

rdc2

iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Software Development Engineer

Develop: Customise: Configure. Maximise your technical...

Project Manager

Hotcourses – Project Manager Salary - £30k to £38k...

Head of IT

A Head of IT is required by a large property services...

Web Developer - HTML5, CSS, PHP, JavaScript, JQuery.

Fantastic opportunity to join a forward-thinking expanding...
To send to more than one email address, simply separate each address with a comma.