IE zero-day vulnerability exploited more widely than previously thought

Security researchers identified attacks that exploited the vulnerability to target organizations in Taiwan since at least July

By Lucian Constantin, IDG News Service |  Security

"These C&C communications predate the widely reported first use of this attack infrastructure by more than six weeks, and indicates that the attacks from this threat actor are not just limited to Japan," the Websense researchers said Thursday in a blog post. These older attacks are most likely linked to Operation DeputyDog, but they have enough variations to indicate that different high-profile attack teams may be using the same tool sets, they said.

Security researchers from AlienVault also believe that the new IE vulnerability was used to attack organizations in Taiwan, because they found a variant of the exploit hosted on a subdomain of Taiwan government's online e-procurement system.

Users who visit the main website for the first time will get redirected to the exploit page, AlienVault researcher Jaime Blasco said in a blog post.

The vulnerability affects all versions of Internet Explorer, but the exploits seen so far target only Internet Explorer 8 and 9 running on Windows XP and Windows 7 systems. Websense estimates that nearly 70 percent of Windows-based PCs are vulnerable.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question