Researchers have uncovered new, currently unpatched vulnerabilities in multiple versions of Internet Explorer that criminals are actively exploiting to surreptitiously execute unusually advanced malware on computers that visit booby-trapped websites.
The vulnerabilities in various configurations of IE versions 7, 8, 9, and 10 running on Windows XP and Windows 7 are separate from the Microsoft Windows and Office graphics flaw that’s also under active exploit at the moment. According to researchers at security firm FireEye, the IE-targeted exploits arrive as a classic drive-by attack that’s found on at least one breached website located in the US.
The attacks are able to bypass security protections Microsoft engineers have gradually added to later versions of their software. The exploits appear to circumvent the measures, at least in part, by exploiting at least two separate flaws.
SOURCE: arstechnica.com
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…