This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. > Find out more here
All the latest UK technology news, reviews and analysis
|
|
by Gareth Morgan
02 Jan 2013
Microsoft has rushed out a fix for a zero-day flaw in some versions of its Internet Explorer (IE) browser, which attackers were using to deploy malware via compromised websites.
The flaw in IE8 and earlier versions allowed attackers to install malware when users visited infected web pages.
“The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer,” Microsoft warned in its security advisory note.
“An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.”
According to security firm FireEye, attackers compromised US think tank the Council on Foreign Relations' website as early as 21 December.
Darien Kindlund, a security researcher at FireEye, said the choice of targets looks to have been carefully calculated.
“We can also confirm that the malicious content hosted on the website does appear to use Adobe Flash to generate a heap spray attack against Internet Explorer version 8.0 (fully patched), which was the source of the zero-day vulnerability,” he wrote on the company blog.
Kindlund added that the JavaScript hosting the exploit had some interesting features, which were used to tailor the attack. These include scanning the users' browser and only delivering the payload to users that had their operating system language set to either English (US), Chinese (China), Chinese (Taiwan), Japanese, Korean, or Russian.
This gave the attack the hallmarks of a so-called watering hole attack, when the cyber crooks look to target specific groups of people – in this case, those with an interest in US foreign policy.
Microsoft is continuing to investigate the attack.
Last year, Microsoft suffered a similar problem, with a bunch of crooks, dubbed the Nitro Gang, also using previously unknown flaws in older versions of Internet Explorer to deliver their own targeted malware.
Latest stories from Security
Related articles
Related jobs
Poll
Which productivity tools do you use for work?
V3 pits Sony's rugged flagship against Apple's premier handset
Updating your subscription status 
Connect with V3.co.uk
It's no longer one or other with web security; you can now have a virtualisation and SaaS hybrid model
BYOD is important for employee satisfaction, but poses challenges in terms of security, productivity loss and costs
Network Support Analyst (Cisco, CCNA) required by international...
Business Analyst - Financial Services - required for...
QlikView Consultant / QlikView Developer required for...
Business Intelligence Developer (SSIS SSAS SSRS) required...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree