New vulnerability in Internet Explorer 7, 8, and 9 allow hackers to remotely control your Windows XP, Vista, and Windows 7 computer

A couple back-to-back Java vulnerabilities hit the cyber waves a few weeks back. The cyber criminal gang that exploited those vulnerabilities seems to have developed a new zero-day attack. This time the attack has Internet Explorer in its crosshairs.

Security researchers are reporting there is a new zero-day vulnerability affecting Internet Explorer — IE 7 and 8 on Windows XP, and IE 9 on Windows Vista and Windows 7 — that allows scumbags to remotely install malware on infected computers. The exploit on Windows XP is using Flash as the delivery mechanism, so anyone on Windows XP running Internet Explorer 7 or 8 with Flash installed is vulnerable. Do take note the bug appears to be Internet Explorer 7 and 8, not Flash, but uninstalling Flash should still protect you. The exploit on Windows Vista and Windows 7 affects users of Internet Explorer 9 that have Java 6 or Microsoft Visual C runtime library installed (this presumably affects Internet Explorer 7 and 8 on Windows Vista/Win7 also, although there is no confirmation on that). As with Windows XP, the vulnerability appears to be with Internet Explorer 9 on Vista and Win7 and not Java or Visual C runtime library, but uninstalling them should keep you safe.

Anyone visiting an infected website with Internet Explore 7/8/9 — and meeting the conditions mentioned above — can have their PC exploited; however, reports say currently in-the-wild attacks are only aimed at Windows XP users. These in-the-wild attacks are currently installing the Poison Ivy backdoor trojan. To make matters worse, as ArsTechnica points out, major anti-virus and anti-malware vendors have not yet started to detect the infected files (because they are new) so your anti-virus or security program likely won’t protect you, yet.

Yunsun Wee of Microsoft Trustworthy Computing has released a statement acknowledging Microsoft knows about “targeted attacks” that may affect “some versions of Internet Explorer”. Wee mentions Microsoft has confirmed Internet Explorer 10 is not affected and are investigating the other versions of IE. Wee also suggests users install Microsoft’s Enhanced Mitigation Experience Toolkit which is “designed to help prevent hackers from gaining access to your system”.

The best way to currently protect yourself is to obviously not use Internet Explorer. If you can, install a different browser such as Firefox or Chrome or Opera for the time being and only go back to Internet Explorer once this has been patched. (Better yet, never go back to Internet Explorer…) However, as HD Moore, CSO of security firm Rapid7, points out, some programs and tool use an embedded version of Internet Explorer for web browsing functionality so even if you don’t directly use Internet Explorer, you may still be vulnerable. Stay clear of such programs and tools until this is patched, if possible.

dotTech will be sure to let you know once these vulnerabilities have been fixed.

[via ArsTechnica]

Related Posts

  • RogueBase

    I’m running Maxthon 4, have been since the release, with no problems. I noticed that it’s the only browser not mentioned in the alerts. Do I “need” to be concerned about this browser not being listed? I gave up on IE years ago. Been with Maxthon since version 2. Good grief have things just gone nuts or what?

  • sl0j0n

    Hello, all.
    We *really* should keep in mind this fact:
    I. E. is “integrated” into the OS,
    supposedly at the kernel level.
    IF that’s true,
    then we should also remember that,
    many programs use the I. E. function calls,
    like drawing a window on the screen,
    to reuse the I. E. module.
    I think that’s why the winblows gadgets were affected by a recent malware attack.

    Have a GREAT day, neighbors!

  • Ashraf

    @ferrmier: I <3 Opera, too.
    @DoktorThomas: Unfortunately, sometimes using IE is unavoidable.
    @DoktorNauk: Subscribe to dotTech. :-P

  • DoktorNauk

    What about the second step?

  • DoktorThomas

    The first step to protect your PC is to never use Internet Explorer.

  • ferrmier

    I have been using a browser called Opera, as in singing. Seems to be quite marvelous, takes of very small amount of screen space, is fast and noted also it uses up much less “ping time” than does the Fire Fox. I think the Opera comes from Sweden or Norway. For some reason at least on the machine here the Fire Fox seems quite sluggish; the Opera is speedier. Am guessing it is not in danger from that virus in the story.