New attack on unclosed flaw in IE browser
Information became available in Chinese in one of the discussion forums of the Knownsec security group. IE7 based on Windows XP SP2 took part in the tests. According to Wayne Huang, who heads the security department of Amromrize Technologies, the vulnerability has already been tested by attackers on unsuspecting users who used hacked web sites. After a public statement about the presence of such a serious vulnerability, the number of such attacks may increase.
The vulnerability is known to use XML browser-side processing bug. To conduct an attack, the victim must visit a website that contains malicious JavaScript code that uses a security hole. After downloading a small amount of malicious code on the victim's computer, the download of a variety of malicious software from various resources begins.
Microsoft already knows about this problem, but it's not clear how soon the problem will be fixed.
')
New Web attack exploits unpatched IE flaw
The vulnerability is known to use XML browser-side processing bug. To conduct an attack, the victim must visit a website that contains malicious JavaScript code that uses a security hole. After downloading a small amount of malicious code on the victim's computer, the download of a variety of malicious software from various resources begins.
Microsoft already knows about this problem, but it's not clear how soon the problem will be fixed.
')
New Web attack exploits unpatched IE flaw
Source: https://habr.com/ru/post/46593/
All Articles