IE flaw targeted in Aurora attacks still actively exploited
Posted on 17 December 2013.
Regular software patching is often touted as one of the best things you can do to keep your computer safe against malware infection. Unfortunately, not all users follow that advice, and that realisation often demoralises IT security professionals.

Cyber attackers are, on the other hand, overjoyed that some users don't even know what software patching means and entails, because this allows them to recycle old exploits and still succeed in their attacks.

Zscaler's Pradeep Kulkarni has recently unearthed an attack taking advantage of the Internet Explorer zero-day vulnerability that has been exploited in the infamous Aurora attacks against Google and many other big Internet, finance, technology, media and chemical companies.

As you might remember, the Aurora attacks were first detected in December 2009 and made public in January 2010. That was exactly four years ago, and Microsoft has released a patch for the vulnerability two years ago.

Nevertheless, "the obvious reason behind attacking old CVE's is the belief of attackers, that there are still un-patched and outdated browser's out there on end user machines," notes Kulkarni. "Sadly, they're correct."

This particular attack uses obfuscated JavaScript code to deliver the exploit to visitors of a number of compromised websites, and the Trojan downloader delivered upon successful exploitation is still detected by less than 30 of the 41 AV solutions used by VirusTotal.

Unfortunately, security pros can only offer that oft-repeated (and oft-ignored) mantra: migrate to the most recent version of the browser, and keep it updated with the latest patches.









Spotlight

eBook: Cybersecurity for Dummies

Posted on 16 December 2014.  |  APTs have changed the world of enterprise security and how networks and organizations are attacked. These threats, and the cybercriminals behind them, are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and patience that has never been seen before.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Thu, Dec 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //