In association with heise online

15 December 2008, 10:03

Zero day exploit for Internet Explorer is spreading

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

According to observations made by the security firms, the zero day exploit for Internet Explorer is spreading rapidly across the net. It targets a particularly dangerous hole in all versions of the Microsoft browser. There is no patch: a Windows PC can become infected with malicious software through the simple act of opening a web page. Unlike most other attacks, this exploit does not require careless users to click on something.

More and more harmless servers are currently being manipulated via SQL injection to deliver the zero day exploit to requesting computers. It is, therefore, possible to get infected by visiting a trustworthy site.

Anti-virus software only offers limited protection against web pages that contain this kind of exploit for infecting computers with malicious software. For one thing, not all anti-virus solutions monitor internet traffic; many are limited to inspecting files. Once a web page has been saved in the cache, however, it is usually already too late, and the malicious code has already been injected and launched. In addition, not all anti-virus vendors have managed to create suitable signatures. A live exploit that reached heise Security on Tuesday still remained undetected by solutions like CA, Kaspersky, Trend Micro, NOD32, Panda and F-Secure on Saturday.

Microsoft has released an extensive list of workarounds that explain how to configure Internet Explorer in a way that renders the exploit ineffective. For example, they suggest disabling scripting, which is not very practical as it may cause problems on many web pages that use scripting to operate.

Until Microsoft provides a patch, users are advised to switch to an alternative browser that doesn't access the vulnerable Microsoft libraries such as Firefox, Opera and Safari.

See Also:

(djwm)

Print Version | Send by email | Permalink: http://h-online.com/-739355
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit