Feeds

Microsoft issues emergency IE patch as attacks escalate

Patch now

  • alert
  • submit to reddit

Eight steps to building an HP BladeSystem

Microsoft has issued a rare emergency update for its Internet Explorer browser as miscreants stepped up attacks targeting a vulnerability on hundreds of thousands of webpages.

In many cases, the websites distributing the toxic payload are legitimate destinations that have been commandeered, allowing an attacker to snare victims as they surf to online banks, forums, and other trusted sites. There are at least six distinct versions of attack code circulating in the wild, according to researchers at iDefense, a security lab owned by VeriSign.

A web search showed 233,000 pages containing the string ardoshanghai.com/s.js, just one of many web addresses exploiting a weakness in the way IE's data-binding function works. Most of the attacks silently install keylogging software as soon as a victim surfs to a site carrying the exploit. Once installed, the software steals login credentials for online games.

Attack strings in separate SQL injections include 17gamo.com/1.js. Researchers say the number of attack sites is too high to keep exhaustive lists, but Shadowserver is doing an admirable job here.

"The vulnerability is so juicy that we expect it to show up in tool kits fairly shortly," said Rick Howard, intelligence director of iDefense.

The patch was released eight days after reports began circulating that websites were targeting a vulnerability in fully patched versions of IE. This is only the second time in 18 months that Microsoft has issued an unscheduled update. Typically, patches are available on the second Tuesday of each month to allow system administrators time for planning.

Given the prevalence of attacks, there's no good reason why anyone running a Windows machine shouldn't stop what they're doing and install the patch immediately (those with administrative rights, anyway) - doing so is as easy as opening IE and selecting Windows Update from the Tools menu. The patch can also be downloaded directly here.

Howard mentioned the site of "a major financial institution" that he found hosting the exploit, so don't think you're immune just because you steer clear of porn and warez. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
That AMAZING Windows comeback: Wow – 0.5% growth in 2015
Whoooah, my face is going all floppy with the speed
'I don't want to go on the cart' ... OpenSSL revived with survival roadmap
Heartbleed-battered crypto library reveals long path back to health
Conformist Google: Android devices must LOOK, WORK ALIKE
Demands watch, TV, and car makers stick to default UI
Free Red Hat clone CentOS-7 is full of Linux Container love
All the glitter of RHEL 7 – without the price tag
Linux turns the crank on code for cars
Got a feel for your automobile
Google policy wonk patronises Brits over EU search biz probe
Downgrading rivals? Whetstone: 'I just don't think it's really true'
Chrome Remote Desktop adds Linux to supported OS list
Drive Debian from the confines of a Chromebook
Windows 7, XP and even Vista GAIN market share again
Windows 8.x failure to launch confirmed
prev story

Whitepapers

How modern custom applications can spur business growth.
In this whitepaper learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
The Power of One eBook: Top reasons to choose HP BladeSystem
Only the Power of One delivers leading infrastructure convergence, availability and scalability with federation, and agility through data center automation.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximizing your infrastructure through virtualization
Virtualization continues to be one of the most effective ways to consolidate, reduce cost, and make data centers more efficient.
Build a Business Case: Developing Custom Apps
In this whitepaper learn how to maximize the value of custom applications by accelerating and simplifying their development.