Symantec: IE exploit will only get worse
Security firm Symantec says that the hole in Internet Explorer will continue to be exploited, despite yesterday’s patch.
“The Google attack has come and gone and has largely been dealt with. But we will continue to see leveraging of the Internet Explorer exploit. It will be used in a whole host of other attacks,” Kevin Hogan, senior security response manager at Symantec, told PC Pro.
Symantec claims it’s already seen a new in-the-wild attack that targets the same flaw in Internet Explorer. The firm reports hundreds of websites hosted in countries such as China, South Korea and Poland contain malicious code that’s able to bypass the security in unpatched versions of Internet Explorer 6. The Trojan gives hackers complete control over the infected machine.
“We’re likely to see people rolling this [attack] into webkits,” Hogan adds.
Hogan says it’s imperative that companies and individuals patch their browsers, or upgrade to the latest version of Internet Explorer. Symantec claims the additional security measures in Internet Explorer 7 and 8 prevent the exploit from working as intended.
Hogan also disclosed further details of the original Trojan.Hydraq that led to attacks on companies such as Google and Adobe. “We’re almost certainly not talking about a denial-of-service attack,” he said, claiming that Google and Adobe employees were probably intentionally targeted by their email domain.
“The [infected] machines were used as a platform for further activity,” Hogan added.
Asked why employees of technology companies were still running the aged Internet Explorer 6 browser that was targeted in the attack, Hogan said he “couldn’t really say,” adding that “these companies have tens of thousands of nodes” on their network, and that it was almost inevitable that some of them would be running outdated browsers.