Feeds

New attacks on IE7 go wild

Info-stealing software remotely installed

Choosing a cloud hosting partner with confidence

Cybercriminals have begun attacking a critical hole that Microsoft patched in its Internet Explorer 7 browser last week, corroborating the company's warning that the vulnerability would be easy to exploit.

The exploit code is spread through a booby trapped Word document that ultimately installs information-stealing malware on unpatched machines, according to researchers. The vulnerability is one of two IE flaws Microsoft patched last week. The company warned at the time that "consistent exploit code" for the remote execution flaws was likely.

The attack is fairly primitive at the moment, because it involves the spamming of Word documents. Security experts expect that to change.

"There is absolutely nothing preventing attackers from using the exploit in a drive-by attack (and we can, unfortunately, expect that this will happen very soon)," Bojan Zdrnja, a handler at the Sans Internet Storm Center wrote here. He went on to say the exploit code was the result of reverse engineering Microsoft's patch.

The exploit code does have its innovations, however. It funnels pilfered data to a website in China through an encrypted channel, for instance. It also uses heavily obfuscated shell code and garbage collection, presumably to cover tracks.

The attack exploits MS09-002, a remote execution flaw that is the result of improper handling of errors when attempting to access deleted objects. Anti-virus provider Trend Micro has more about the attacks here. ®

Beginner's guide to SSL certificates

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.