Unidentified hackers posted on the compromised site exploit to a zero-day vulnerability in IE.
December 21 unknown hackers have carried out a successful attack on the website of the Council on Foreign Relations, United States (http://www.cfr.org) and posted on the site exploits a previously unknown vulnerability in Microsoft Internet Explorer.
First started talking about breaking only on December 27. Representative of the Council on Foreign Relations, David Mikhail said that the organization is aware of a security incident, and is being investigated.
December 28th the company FireEye blog published an analysis of malicious software that has been used by hackers. According to the analysis FireEye, attackers have used Adobe Flash for the preparation of dynamic memory on the system of the victim (heap spray) for the successful operation of a zero-day vulnerability in Microsoft Internet Explorer. The exploit has been designed for users who have a browser is the default put English, Chinese, Japanese, Korean or Russian.
Also, attackers have used all cookies, to exploit is triggered only one time for a particular browser.
Judging by the presence of metadata in the load on the system library, responsible for developing the exploit Chinese programmers.
Last night, Microsoft has confirmed the vulnerability in Microsoft Internet Explorer and has released security bulletin.
Vulnerability applies to Microsoft Internet Explorer 6.x, 7.x and 8.x. There are currently working exploit for Metasploit Framework.
A detailed description of the vulnerability can be found here
We encourages our readers to temporarily stop using the affected versions of Internet Explorer.