What you need to know about the Internet Explorer zero-day attacks

By , PC World |  Security, Internet Explorer, Microsoft

Liam O Murchu, manager of operations for Symantec Security Response, adds some interesting trivia. "Another interesting point to note regarding this vulnerability is that the exploit was found on the same servers being used as part of the Nitro attacks. In August, Symantec observed that the cybercriminals behind this ongoing targeted attack campaign, which initially targeted companies in the chemical industry, had ramped up their efforts with several new techniques and a Java zero-day vulnerability."

Essentially, if you can remove Java you should do so. Regardless of Java, though, businesses and consumers alike should always be vigilant about ActiveX controls or Active Scripting executing within the browser and take steps to guard against malicious code.

The next routine Patch Tuesday isn't scheduled until October 9. It seems reasonable to assume Microsoft will release an out-of-band patch for this flaw before then.

Originally published on PC World |  Click here to read the original story.
Join us:






Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question