Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The code used in the recent Google hack to exploit a vulnerability in Microsoft’s Internet Explorer browser has been published on the internet, raising the possibility of more attacks.In a blog posting, McAfee chief technology officer George Kurtz explained that researchers for the firm have seen references to the code on mailing lists and that it has been published on at least one web site.An attacker could use the flaw to gain control over a user’s system by tricking them into visiting a rigged web page, he said.“The public release of the exploit code increases the possibility of widespread attacks using the Internet Explorer vulnerability,” warned Kurtz. “The now public computer code may help cybercriminals craft attacks that use the vulnerability to compromise Windows systems. Popular penetration testing tools are already being updated to include this exploit. This attack is especially deadly on older systems that are running XP and Internet Explorer 6.” Microsoft issued a security advisory on Thursday admitting that Internet Explorer could be used to allow remote code execution, and said it may release an out-of-cycle patch for the flaw.“At this time, we are aware of limited, targeted attacks attempting to use this vulnerability against Internet Explorer 6. We have not seen attacks against other versions of Internet Explorer. We will continue to monitor the threat environment and update this advisory if the situation changes,” noted the security update.The flaw has been taken very seriously by organisations across the globe, with the German government recommending its citizens use an alternative browser to IE until the vulnerability is patched.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.