Tuesday, January 19, 2010

A bit on that China/Google attack:

Hackers linked to China used a zero-day vulnerability in Microsoft’s Internet Explorer browser to compromise corporate systems at more than 30 U.S. companies, including Google, Adobe and Juniper Networks.

According to Microsoft, the vulnerability is still unpatched and can lead to remote code execution attacks if a target is lured to a booby-trapped Web site or views a malicious online advertisement.

Microsoft’s confirmation, in the form of a security advisory, follows public statements from Google and Adobe that their corporate networks were breached by coordinated, sophisticated attackers based in China. (...)

According to Dan Kaminsky, a security researcher who was briefed on the IE vulnerability used in one of the attacks, the exploit was targeted at a Windows XP machine running Internet Explorer 6. (...)

The flaw affects Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6, Internet Explorer 7 and Internet Explorer 8 on supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.

Basically, the "attack" was done by luring people running IE6 to a website that would then get the browser to run code on the visitor's PC. But it could also happen to visitors using IE7 and IE8 on Vista or Windows 7, which means all recent versions.

It's hard to see how Microsoft can leave this unfixed for so long. Google's Chrome and Firefox may have their problems, but I'm guessing that the basic design of those browsers is more robust, which could lead to enterprise-wide shunning of Microsoft's Internet Explorer.

There's more detail at the link for those interested.

