All the latest UK technology news, reviews and analysis


Microsoft rushes out IE fix for watering hole exploit

02 Jan 2013
Internet Explorer

Microsoft has rushed out a fix for a zero-day flaw in some versions of its Internet Explorer (IE) browser, which attackers were using to deploy malware via compromised websites.

The flaw in IE8 and earlier versions allowed attackers to install malware when users visited infected web pages.

“The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer,” Microsoft warned in its security advisory note

“An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.”

According to security firm FireEye, attackers compromised US think tank the Council on Foreign Relations' website as early as 21 December.

Darien Kindlund, a security researcher at FireEye, said the choice of targets looks to have been carefully calculated.

“We can also confirm that the malicious content hosted on the website does appear to use Adobe Flash to generate a heap spray attack against Internet Explorer version 8.0 (fully patched), which was the source of the zero-day vulnerability,” he wrote on the company blog.

Kindlund added that the JavaScript hosting the exploit had some interesting features, which were used to tailor the attack. These include scanning the users' browser and only delivering the payload to users that had their operating system language set to either English (US), Chinese (China), Chinese (Taiwan), Japanese, Korean, or Russian.

This gave the attack the hallmarks of a so-called watering hole attack, when the cyber crooks look to target specific groups of people – in this case, those with an interest in US foreign policy.

Microsoft is continuing to investigate the attack.

Last year, Microsoft suffered a similar problem, with a bunch of crooks, dubbed the Nitro Gang, also using previously unknown flaws in older versions of Internet Explorer to deliver their own targeted malware.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
More on Security
What do you think?
blog comments powered by Disqus
Poll

Windows 10 poll

What are your first impressions of Windows 10?
12%
5%
10%
4%
20%
3%
46%

Popular Threads

Powered by Disqus
V3 Sungard roundtable event - Cloud computing security reliability and scalability discussion

CIOs debate how to overhaul businesses for the digital era

V3 hosts roundtable with Sungard Availability Services

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Account Manager - Partners - Birmingham / UK travel

Account Manager - Partners - Birmingham / UK travel...

Technical Support Technician II

Title: Technical Support Technician II Employment Type...

Technical Support Technician I

Title: Technical Support Technician I Department: Client...

Administrator - Projects & Training

Administrator - Projects & Training Location...
To send to more than one email address, simply separate each address with a comma.