exploits

Microsoft races to plug IE hole after exploit code released

Microsoft said on Friday it is testing a patch to fix a new hole in Internet Explorer 6 and IE 7 following the release of exploit code on the Internet.

With the announcement it seems increasingly likely that the company will be issuing a patch for the hole before the next Patch Tuesday in about four weeks, if the testing of the patch goes quickly.

Microsoft warned about the hole, which it said was being targeted in attacks and could allow an attacker to take control of a computer, in an advisory on Tuesday. The next day, Israeli researcher Moshe … Read more

Researcher publishes exploit for new IE hole

An Israeli security researcher has published exploit code for an unpatched hole in Internet Explorer that Microsoft disclosed two days ago.

Microsoft had warned in an advisory that a new vulnerability in IE 6 and IE 7, which could allow an attacker to take control of a computer, had been targeted in attacks.

Releasing the exploit code publicly increases the chances of attacks on the zero-day hole and could pressure Microsoft to issue a patch before its next scheduled Patch Tuesday in four weeks.

Researcher Moshe Ben Abu announced his work in a blog post on Wednesday and said it … Read more

McAfee: China attacks a 'watershed moment'

The China-based cyberattacks on Google and other companies were "a watershed moment in cybersecurity," according to an executive at computer security company McAfee.

"I believe this is the largest and most sophisticated cyberattack we have seen in years targeted at specific corporations," McAfee Chief Technology Officer George Kurtz wrote on his blog Sunday. "While the malware was sophisticated, we see lots of attacks that use complex malware combined with zero day exploits."

"What really makes this is a watershed moment in cybersecurity is the targeted and coordinated nature of the attack with the … Read more

IE exploit code released on the Internet

Exploit code for the zero-day hole in Internet Explorer linked to the China-based attacks on Google and other companies has been released on the Internet, Microsoft and McAfee warned on Friday.

Meanwhile, the German federal security agency issued a statement on Friday urging its citizens to use an alternative browser to IE until a patch arrives.

"We still only see limited targeted attacks affecting Internet Explorer 6," Jerry Bryant, senior security program manager lead at the Microsoft Security Response Center, said in a statement. "While newer versions of Internet Explorer are affected by this vulnerability, mitigations exist … Read more

Adobe to patch zero-day Reader, Acrobat hole

Adobe on January 12 will patch a critical hole in Reader and Acrobat that is being exploited in attacks. That date is the company's next scheduled quarterly security update release.

The zero-day hole, which affects Reader and Acrobat versions 9.2 and earlier, could crash the system and allow an attacker to take control of the computer.

Malicious Adobe Acrobat PDF files are distributed via an e-mail attachment that, when opened, executes a Trojan that targets Windows systems, according to Symantec. The rate of infection is extremely limited and the risk assessment level is very low, the company said.… Read more

Adobe investigating Reader, Acrobat exploit reports

Adobe warned of reports of an attack exploiting a hole in Reader and Acrobat on Monday.

"This afternoon, Adobe received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the wild," the company said in an advisory on its Security Incident Response Team blog. "We are currently investigating this issue and assessing the risk to our customers. We will provide an update as soon as we have more information."

Three different security vendor partners reported the alleged exploit to the company on Monday afternoon, said Adobe spokeswoman Wiebke … Read more

Microsoft warns of IE exploit code in the wild

Microsoft on Monday said it is investigating a possible vulnerability in Internet Explorer after exploit code that allegedly can be used to take control of computers, if they visit a Web site hosting the code, was posted to a security mailing list.

Microsoft confirmed that the exploit code affects IE 6 and IE 7, but not IE 8, and it said it is "currently unaware of any attacks trying to use the claimed vulnerability or of customer impact," according to a statement.

The exploit code was published to the BugTraq mailing list on Friday with no explanation.

"… Read more

Another iPhone worm, but this one is serious

Another iPhone worm has been spotted in the wild.

Unlike the previous exploitation, which merely changed a jailbroken iPhone's wallpaper to a picture of Rick Astley of "Rickrolling" fame, this new threat allows hackers to steal sensitive information.

According to security firm Sophos, which wrote about the exploitation after a Dutch ISP spotted it late last week, the worm attacks jailbroken iPhone and iPod Touch devices only.

The worm "uses command-and-control, like a traditional PC botnet," Sophos wrote in a blog post on Saturday to warn users about the exploit. "It configures two startup … Read more

Congressional commission focuses on China's cyberwar capability

In war and possibly in peace, China will wage cyberwar to control the information flow and dominate the battle space, according to a new report compiled for a congressional commission.

Chinese military strategists see information dominance as the key to overall success in future conflicts and will continue to expand the country's computer network exploitation capabilities, according to the report, titled "Capability of the People's Republic of China to Conduct Cyber Warfare and Computer Network Exploitation." The report was prepared for the U.S.-China Economic and Security Review Commission under contract by Northrop Grumman's … Read more

Adobe exploit puts backdoor on computers

A new zero-day exploit targeting Adobe Reader, as well as 9.1.3 and earlier versions of Adobe Systems' Acrobat, drops a backdoor onto computers using JavaScript, Trend Micro researchers warned on Friday.

Trend Micro identified the exploit as a Trojan horse dubbed "Troj_Pidief.Uo" in a blog post. It arrives as a PDF file containing JavaScript-based malware, "Js_Agent.Dt," and then drops a backdoor called "Bkdr_Protux.Bd."

The exploit affects Microsoft Windows 98, ME, NT, 2000, XP, and Server 2003, according to Trend Micro.

The blog post provides technical details on how the … Read more