Published code used to attack Google
The malicious code that was used (presumably by the Chinese) to attack Google and the sites of another 33 companies was published on Thursday for analysis. According to McAfee, director of security research, already on Friday the code was included in at least one hacker tool used in practice by online attackers.
According to experts, this exploit is extremely reliable for hacking systems on Windows XP with IE6 browser. After appropriate modification, it can be used to work with newer versions of the browser. However, on Windows Vista or Windows 7, such an attack is almost impossible due to the more advanced memory protection technology of the operating system.
Microsoft has officially announced that it will not release an extraordinary patch to close this hole. A scheduled update is scheduled only for February 9, and until that time, all IE users will remain vulnerable to the “Chinese attack”. The problem is so serious that the German Ministry of Security officially recommended that users not launch IE browser over the next three weeks (see the discussion of this fact on Habré).
')
via IT World
According to experts, this exploit is extremely reliable for hacking systems on Windows XP with IE6 browser. After appropriate modification, it can be used to work with newer versions of the browser. However, on Windows Vista or Windows 7, such an attack is almost impossible due to the more advanced memory protection technology of the operating system.
Microsoft has officially announced that it will not release an extraordinary patch to close this hole. A scheduled update is scheduled only for February 9, and until that time, all IE users will remain vulnerable to the “Chinese attack”. The problem is so serious that the German Ministry of Security officially recommended that users not launch IE browser over the next three weeks (see the discussion of this fact on Habré).
')
via IT World
Source: https://habr.com/ru/post/81098/
All Articles