For the second time in a short time is a critical vulnerability in Internet Explorer, just after it is patched by Microsoft, actively attacked by cyber criminals. In addition, Microsoft came out last week, also with an emergency patch for a zero-day vulnerability in IE that has already been attacked before the update was available. The IE vulnerability that is now attacked was on August 11 Microsoft patched.
Visiting a hacked or malicious Web site or see getting an infected ad is enough to get infected with malware. Anti-virus company Symantec warned that the exploit of the flaw Explorer uses the Sundown-exploitkit added. On hacked websites post the attackers code that visitors unnoticed to the exploitkit forward. A Trojan horse is then placed on the computer from which the attackers have access to the computer and can steal all kinds of information. The currently observed attacks were primarily aimed at Japan.
In early August decided cyber criminals even though a just-patched IE vulnerability to attack actively. Then it came to a vulnerability in the browser that Microsoft patched in July. Less than three weeks later there was an exploit for the vulnerability is added to the Angler-exploitkit and was used for IE users with ransomware to infect. At the time, called the security company FireEye still noteworthy that the creators of the Angler-exploitkit now suddenly focused on an IE vulnerability.
In recent months, namely, only exploits developed for Flash Player leaks. In July, however, decided to Adobe Flash Player to better guard against attacks, make it more difficult for attackers to attack vulnerabilities. Adobe patched so on August 11, the same day that Microsoft now attacked IE flaw patched, 35 vulnerabilities in Flash Player, but these vulnerabilities are not attacked.
No comments:
Post a Comment