BOSTON (Reuters) - A security research firm said it discovered
another set of vulnerabilities in Internet Explorer, a day after Microsoft Corp patched the Web browser following a high-profile cyber attack on Google in China.
Research firm Core Security Technologies said on Friday that it discovered another set of vulnerabilities in Internet Explorer that hackers can link together and exploit, to
remotely access all of the data on a personal computer.http://www.reuters.com/article/idUSTRE60L5O820100122?type=technologyNewsThe first widespread attack to
leverage a recently patched flaw in Microsoft's Internet Explorer browser has surfaced.
Starting late Wednesday, researchers at antivirus vendor Symantec's Security Response group began spotting dozens of Web sites that contain the Internet Explorer attack, which works reliably on the IE 6 browser, running on Windows XP. The attack installs a Trojan horse program that is able to bypass some security products and then give hackers access to the system, said Joshua Talbot, a security intelligence manager with Symantec.
Once it has infected a PC, the Trojan sends a notification e-mail to the attackers, using a U.S.-based, free e-mail service that Symantec declined to name.
As of midday Thursday, Symantec had spotted
hundreds of Web sites that hosted the attack code, typically on free Web-hosting services or domains that the attackers had registered themselves.
http://www.itworld.com/security/93670/widespread-attacks-exploit-newly-patched-ie-bug
Printer-friendly format
Email this thread to a friend
Bookmark this thread
(1000+ posts)
Send PM |
Profile |
Ignore
