Microsoft: Hole exploit threatens all IE versions

Elinor Mills CNET News

Published: 15 Dec 2008 09:58 GMT

An unpatched security hole in Internet Explorer that is being exploited affects all versions of the browser, making it more serious than originally believed when it was first publicised on 10 December, Microsoft has said.

Microsoft is investigating reports of attacks against a new vulnerability in IE but said in an update to a security advisory issued late on Thursday that all versions of IE are potentially vulnerable.

For the most effective protection against an attack, the company recommends setting the internet zone security setting to 'high' and using access control lists to disable Oledb32.dll.

"Our latest information is that there are still limited attacks seeking to load malicious software on vulnerable systems," Christopher Budd writes in the Microsoft Security Response Center blog.

Microsoft has seen several hundred detections of exploits from around the globe, though the sites taking advantage of the vulnerability appear to be hosted on Chinese domains, Microsoft said in a Microsoft Malware Protection Center blog.

"The exploit sites we've seen so far drop a wide variety of malware — most commonly password stealers like new variants of game password stealers like Win32/OnLineGames, and Win32/Lolyda; keyloggers like Win32/Lmir; Trojan horse applications like Win32/Helpud along with some previously unseen malware which we generically detect as Win32/SystemHijack," the Malware Protection Center blog said. "We fully expect the variety of malware being dropped by this exploit to broaden as the exploit code starts to circulate around the internet underground," it added.

People visiting trusted sites could also be affected if those sites have been targeted by SQL injection attacks, through which malicious code is injected into the sites, Microsoft says.

A Microsoft spokesman said he could not say when a fix would come. The next Patch Tuesday is scheduled for 13 January.

Microsoft's updated advisory lists a number of mitigating factors: Protected Mode in IE7 and IE8 in Windows Vista limits the impact of the vulnerability; IE on Windows Server 2003 and 2008 runs in a restricted mode known as Enhanced Security Configuration that sets the security level for the internet to high; the attacker could only gain the same user rights as the local user; and known attacks cannot exploit the issue automatically through email.

Credit: Microsoft: Hole exploit endangers all IE versions from CNET News
