Zero day exploit for Internet Explorer is spreading
According to observations made by the security firms, the zero day exploit for Internet Explorer is spreading rapidly across the net. It targets a particularly dangerous hole in all versions of the Microsoft browser. There is no patch: a Windows PC can become infected with malicious software through the simple act of opening a web page. Unlike most other attacks, this exploit does not require careless users to click on something.
More and more harmless servers are currently being manipulated via SQL injection to deliver the zero day exploit to requesting computers. It is, therefore, possible to get infected by visiting a trustworthy site.
Anti-virus software only offers limited protection against web pages that contain this kind of exploit for infecting computers with malicious software. For one thing, not all anti-virus solutions monitor internet traffic; many are limited to inspecting files. Once a web page has been saved in the cache, however, it is usually already too late, and the malicious code has already been injected and launched. In addition, not all anti-virus vendors have managed to create suitable signatures. A live exploit that reached heise Security on Tuesday still remained undetected by solutions like CA, Kaspersky, Trend Micro, NOD32, Panda and F-Secure on Saturday.
Microsoft has released an extensive list of workarounds that explain how to configure Internet Explorer in a way that renders the exploit ineffective. For example, they suggest disabling scripting, which is not very practical as it may cause problems on many web pages that use scripting to operate.
- Internet Explorer 6 and 8 also affected by zero-day vulnerability, heise online UK report
- Two new zero-day exploits dent Microsoft's Patch Tuesday, heise online UK report