Friday, February 20, 2009

Hackers Target IE 7 Browser Again

Users who failed to patch their computers after Microsoft released its monthly Patch Tuesday update last week could be in trouble - an Internet Explorer browser vulnerability for which the patch was sent out is under attack again. This IE patch released last week, for an "Uninitialized Memory Corruption" vulnerability, was rated critical by Microsoft. Also known as CVE, the vulnerability stems from how IE deals with objects that have been deleted.

An attack discovered yesterday targeted that vulnerability again. "Malware crooks were quick to develop a working exploit for the vulnerability in Internet Explorer 7, which was part of the February Microsoft patch release," said Raul Mohandas, in antivirus vendor McAfee's Avert Labs blog.

Hackers can exploit the Uninitialized Memory Corruption vulnerability by building a Web page that remotely executes code when it is visited.
Mohandas' blog posting said the latest attack is launched through a Microsoft Word document that contains an embedded ActiveX control. The ActiveX control connects to a Web site hosting the attack when it is opened.

This method is similar to the follow-up to the zero-day attack on IE 7 in December that forced Microsoft to issue an out-of-band patch, Mohandas said in the blog.
Craig Schmugar, senior threat researcher at McAfee, told InternetNews.com he is not sure whether or not hackers had reverse engineered the patch issued last week, although there is a good possibility that this is the case. "There's the concept of Exploit Wednesday on the heels of Patch Tuesday where, in the course of providing a fix, you provide an opportunity for the bad guys to attack people who can't patch their systems that quickly," he added.

However, Bojan Zdrnja, writing on the Internet Storm Center's Web site, appears convinced that the hacker reverse engineered the patch. The ISC was created in 2001 to provide free analysis and warning services to Internet users and organizations.

Users' troubles with their IE browser may not be over yet. Schmugar warned that, although the attacker is using a Word document now, nothing prevents the exploit from being used in a drive-by attack, where a tainted Web site automatically downloads malware onto visitors' sites. "We can, unfortunately, expect that this will happen very soon," he wrote on the ISC's Web site.

Source: internetnews.com

1 comment:

macewan said...

I have very little sympathy for folks still using Microsoft's Internet Explorer. Firefox has 20% market share against all odds and despite Microsoft's market machine and bottomless pit of money because Firefox is the better browser.

You may want to give Apple's Safari 4 public beta a shot. I have tested it on the OS X platform. It's an unbelievably fast browser. It just came out on Feb. 24, 2009. Video demos can be found on YouTube.