Slashdot Mirror


Widespread Attacks Exploit Newly-Patched IE Bug

itwbennett writes "The first widespread attack to leverage the Internet Explorer flaw that Microsoft patched in an emergency update Thursday morning has surfaced. By midday Thursday Symantec had spotted hundreds of Web sites that hosted the attack code. The attack installs a Trojan horse program that is able to bypass some security products and then give hackers access to the system, said Joshua Talbot, a security intelligence manager with Symantec. Once it has infected a PC, the Trojan sends a notification e-mail to the attackers, using a US-based, free e-mail service that Symantec declined to name." Relatedly, reader N!NJA was among several to point out that Microsoft has apparently been aware of this flaw since September.

4 of 141 comments

  1. kind of makes you wonder by v1 · · Score: 5, Interesting

    in TFA: The flaw was in the Microsoft Security Response Center's (MSRC) queue to be fixed in the next batch of patches due in February but the targeted zero-day attacks against U.S.

    Kinda makes you wonder just how many of these critical security bugs IE currently has in their queue to be fixed "sometime in the near future"?

    And at the same time you have to wonder just how nasty some of the others are that haven't made the cut yet, just waiting to become the next "zero day we own your computer, again"? We see how big of an issue this is, and MS was clearly in no hurry to fix it, so you'd have to assume that there are at least a few more of these that they know about and aren't fixing yet.

    --
    I work for the Department of Redundancy Department.
    1. Re:kind of makes you wonder by X0563511 · · Score: 3, Interesting

      I like to think that the code for IE is so horribly mangled that it takes a solid month to get the thing to build (including compile errors, stupid typo bugs, compile time, compiling for all the different Windows configs, etc.)

      It makes me feel nicer that it could just be a shitty project, rather than just shitty people.

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    2. Re:kind of makes you wonder by ppanon · · Score: 3, Interesting

      China demanded the source code to Windows years ago and Microsoft gave it to them. I don't think it's a complete coincidence that China has been pushing Red Flag Linux internally. By now they know the bugs in Microsoft Windows and have multiple exploits ready for use, and they have backdoors in Red Flag so they can spy on their own people. If they ever get into a cyberwar with the US, you had better be running something other than Windows.

      --
      Laissez lire, et laissez danser; ces deux amusements ne feront jamais de mal au monde. - Voltaire
  2. Update your Acrobat Reader. by Old+Flatulent+1 · · Score: 3, Interesting
    There was a similar hole in the way Acrobat Reader prior to 9.2 handled XML multimedia calls. And there were recent releases of updates for Shockwave Flash.

    It is rather telling that the same type of buffer trouble is showing up in other people's software. I am just wondering if the flood "Gates" are about to open and we will wind up seeing multiple trouble with things like WMP, Silverlight... there was already the same update happening for RealPlayer.

    Just maybe there is a system XML call that is easily exploited in all versions of Windows... I can just see it now: some lazy MS exec using old legacy system XML that is written using the gets and puts functions. I would not put it past Microsoft to use old garbage code without even checking the old source, then including the pre-compiled executable.