Zero-day vulnerability in IE and hacking website of USA

Posted: December 30, 2012 in IT Security News
Tags: , , , ,

HackersUnidentified hackers posted on the compromised site exploit to a zero-day vulnerability in IE.

December 21 unknown hackers have carried out a successful attack on the website of the Council on Foreign Relations, United States (http://www.cfr.org) and posted on the site exploits a previously unknown vulnerability in Microsoft Internet Explorer.

First started talking about breaking only on December 27. Representative of the Council on Foreign Relations, David Mikhail said that the organization is aware of a security incident, and is being investigated.

December 28th the company FireEye blog published an analysis of malicious software that has been used by hackers. According to the analysis FireEye, attackers have used Adobe Flash for the preparation of dynamic memory on the system of the victim (heap spray) for the successful operation of a zero-day vulnerability in Microsoft Internet Explorer. The exploit has been designed for users who have a browser is the default put English, Chinese, Japanese, Korean or Russian.

Also, attackers have used all cookies, to exploit is triggered only one time for a particular browser.

Judging by the presence of metadata in the load on the system library, responsible for developing the exploit Chinese programmers.

Last night, Microsoft has confirmed the vulnerability in Microsoft Internet Explorer and has released security bulletin.

Vulnerability applies to Microsoft Internet Explorer 6.x, 7.x and 8.x. There are currently working exploit for Metasploit Framework.

A detailed description of the vulnerability can be found here

We encourages our readers to temporarily stop using the affected versions of Internet Explorer.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s