Feeds

New attacks on IE7 go wild

Info-stealing software remotely installed

Secure remote control for conventional and virtual desktops

Cybercriminals have begun attacking a critical hole that Microsoft patched in its Internet Explorer 7 browser last week, corroborating the company's warning that the vulnerability would be easy to exploit.

The exploit code is spread through a booby trapped Word document that ultimately installs information-stealing malware on unpatched machines, according to researchers. The vulnerability is one of two IE flaws Microsoft patched last week. The company warned at the time that "consistent exploit code" for the remote execution flaws was likely.

The attack is fairly primitive at the moment, because it involves the spamming of Word documents. Security experts expect that to change.

"There is absolutely nothing preventing attackers from using the exploit in a drive-by attack (and we can, unfortunately, expect that this will happen very soon)," Bojan Zdrnja, a handler at the Sans Internet Storm Center wrote here. He went on to say the exploit code was the result of reverse engineering Microsoft's patch.

The exploit code does have its innovations, however. It funnels pilfered data to a website in China through an encrypted channel, for instance. It also uses heavily obfuscated shell code and garbage collection, presumably to cover tracks.

The attack exploits MS09-002, a remote execution flaw that is the result of improper handling of errors when attempting to access deleted objects. Anti-virus provider Trend Micro has more about the attacks here. ®

Remote control for virtualized desktops

Whitepapers

Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.