News Stay informed about the latest enterprise technology news and product updates.

Security Bytes: Zero-day attack targets IE

In other news: The Department of Homeland Security (DHS) names a new cybersecurity chief and a new worm uses AOL Instant Messenger to spread.

Zero-day attack targets IE
Researchers at Sunbelt Software warned Monday that they've detected a new zero-day attack against Internet Explorer (IE). The attacks are originating from a series of pornographic Web sites based in Russia, with the goal of dropping malicious code onto Windows machines to make them part of botnets. The attacks are targeting a buffer overflow caused by how IE handles VML (Vector Markup Language) code, Eric Sites, Sunbelt's vice president of research and development, said in the company's blog. Sites said Microsoft has been informed of Sunbelt's findings, and that the exploit can be mitigated by turning off javascripting.

DHS names new cybersecurity chief
After a year-long wait, the Department of Homeland Security named its first cybersecurity czar Monday. DHS Secretary Michael Chertoff released a statement appointing information security policy expert Gregory Garcia as assistant secretary for cyber security and telecommunications. Garcia most recently worked for the Information Technology Association of America, serving as the industry group's vice president for information security policy and programs. His main responsibility now is to help the nation prevent catastrophic cyberattacks.

Worm spreads via AOL IM
FaceTime Security Labs is warning of a new worm that uses AOL Instant Messenger to spread. The apparent goal of Win32.Pipeline is to hijack machines that could be used in a botnet. Pipeline delivers a malicious file that's advertised as a JPEG image, and calls out to host computers that install rootkits and Trojans horse programs on the affected machine. Attackers could then use the hijacked machines to send out spam, commit a variety of fraud and cause distributed denial-of-service attacks. Like many IM worms, FaceTime said in a statement, Pipeline first appears as an instant message from a familiar contact, luring users into clicking on a link with a contextual phrase. The IM message "hey would it okay if i upload this picture of you to my blog?" downloads a command file called, which is disguised as a JPEG. Running the file results in csts.exe being created in the user's system32 folder, part of the Windows operating system.

Dig Deeper on Web browser security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.