Home > Security News > Zero-day IE exploit just the beginning
Security News:
EMAIL THIS

Zero-day IE exploit just the beginning

By Shawna McAlearney, Information Security Magazine Online Editor
01 Oct 2003 | Information Security Magazine

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

A zero-day exploit targeting an Internet Explorer (versions 5 and forward) vulnerability is being used to install a Trojan on vulnerable systems. Experts warn that it's only a prelude to a series of attacks that are likely to be highly successful.

"This zero-day exploit is huge. It will likely be a major and highly successful, vector of attack upon thousands of computers for some time," says Ken Dunham, malicious code intelligence manager at iDEFENSE. "We have verified that attackers are installing backdoor Trojans and dialers on targeted computers at will."

"Multiple examples of the exploit code are available for attackers to analyze and use in crafting their own attack," adds Dunham. "This type of code availability and underground activity traditionally foreshadows a flurry of malicious attacks."

Microsoft first issued a patch for the "object type" vulnerability on Aug. 20. The flaw allows an attacker to compromise a system by embedding malicious code in a Web page. If the Web page is viewed with a fully patched IE browser, the malicious code embedded in the Web page will execute. The "object type" vulnerability patch doesn't prevent this variation of the flaw, but Microsoft plans to issue a fix shortly.

"Microsoft is investigating reports of a malicious Web site that exploits a variation on a vulnerability originally patched in MS03-032," said a Microsoft spokesman. "While we will release a fix for this variation shortly, users can help protect against this newly reported issue by changing their IE Internet security zone settings to prompt them before running ActiveX components. MSO3-032 has been updated to included steps for customizing IE security settings."

Unlike some other vulnerabilities, this one requires no user interaction.

"This isn't a training issue where users are told not to accept certain certificates or controls," says Dunham. "If a computer is vulnerable it will be infected without any user interaction other than simply surfing the Internet."

FOR MORE INFORMATION:

Microsoft security bulletin: MS03-032

Ask the experts

FEEDBACK: How do you prioritize deployment of critical Windows patches in your enterprise?
Send your feedback to the SearchSecurity.com news team.



Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


More Tips to Secure Your Network
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts