Microsoft issues fix for zero-day IE flaw
Microsoft’s monthly Patch Tuesday update includes a fix for a recently discovered zero-day vulnerability in Internet Explorer that the company said was being exploited. The flaw is present in all versions of Windows from XP through the most recent version, 8.1.
The security company FireEye said it had found exploits of the flaw carried out against IE 7, 8, 9 and 10, on PCs running XP or Windows 7, Computerworld reported. FireEye said the exploits were part of a watering hole campaign involving an infected website in the United States. The company didn’t identify the site but said it focused on domestic and international security policy.
Watering hole attacks are becoming popular among malicious actors as an alternative to attacks such as spear phishing. Like spear phishing, they’re highly targeted, but instead of sending someone a targeted email that will try to induce them to click on a link to an infected site, watering hole attacks pick sites their targets are likely to visit, infect the site and then lie in wait. When the target — either an individual or someone from a targeted group — visits the site, the user's computers can be compromised.
The exploit FireEye found was unusual because it was designed to erase itself when the PC is rebooted, Darien Kindlund, the company’s manager of threat intelligence, told Computerworld. Such an attack harder to detect because it leaves no trace after the restart, but it also means that the attackers must have operators on hand when a target, likely identified by its IP address, visits the site to take advantage.
Posted by Kevin McCaney on Nov 12, 2013 at 11:10 AM