There is a new and critical vulnerability in Internet Explorer discovers that actively used to infect computers with malware and cyber criminals which no update is available from Microsoft. The vulnerability affects Internet Explorer 6 to Internet Explorer 11.
The attacks that were observed, however, were directed against IE9, IE10 and IE11. According to the U.S. security firm FireEye is the exploit of the vulnerability abuse by an APT (advanced persistent threat) group "used in the past more zero-day vulnerabilities used, including Firefox and Adobe Flash Player.
"We think this is an important zero-day, because the vulnerable versions about a quarter of the browser market decide," said analyst Chen Xiaobo. The exploits that attackers use uses a technique known through Adobe Flash Player, the Windows security bypasses to attack the unknown. Leak in IE
Solution
Microsoft vulnerability has also been confirmed and suggests that it is deployed. in targeted attacks only on a limited scalePending a security IE users to take various measures to protect themselves. Enabling the Enhanced Protected Mode in IE10 and IE11 can prevent the attack. IE users on Windows 7 itself should enable this option. Windows 8 Enhanced Protected Mode is enabled only in the "Metro" version of IE. If the desktop version of the browser on Windows 8 should still enable the measure itself used.
Since the exploit Adobe Flash Player as a springboard to attack the causes browserlek to disable the Flash Player plug-in in Internet Explorer ensure that the attack does not work anymore. Finally IE users can protect themselves by installing the Enhanced Mitigation Experience Toolkit (EMET) version 4.1 or 5.0 Tech Preview .
No comments:
Post a Comment