Microsoft has released an emergency fix for browser Internet Explorer, which has been fixed a vulnerability exploited by hackers on the Internet to break into computers.
Error is in the older versions of the browser, the latest IE 10 is not affected by the problem. According to the company, the problem is fixed in the code of Internet Explorer 6, 7 and 8. The company said about first problem on Saturday, promising as soon as possible to release a fix.
In the anti-virus company Symantec said that already committed a wave of attacks that exploit the vulnerability. In attacks malefactors try to place a malicious code of Bitfrose which first representatives appeared in 2004 on attacked computers. Bitfrose is the backdor allowing the organizer of attack to abduct from the user computer various data. Now the most part of attacks with use of the last representative of Bitfrose is concentrated in the USA.
Hackers exploit originally posted on the website of the American non-partisan organization Council on Foreign Relations in New York and Washington. So, last Friday the company FireEye reported that the site was compromised and the CFR on it a code, which in closed forums has been fixed on December 21. Code itself initiates an attack like drive-by. Darren Kindlund, Senior Research FireEye says CFR site uses Flash Player and a special code is embedded in the video.
On Saturday, the company AlientVault specified that the code is able to bypass the proprietary technology of Microsoft DEP (data execution prevention) and ASLR (address space layout randomization), successfully attack Windows XP and Windows 7.