Skip to main content

IE

New zero-day bug targets IE users in drive-by attack

posted onNovember 12, 2013
by l33tdawg

A pair of vulnerabilities in Internet Explorer are currently being exploited in the wild to install malware on computers that visit at least one malicious Web site, security researches warn.

The classic drive-by download attack targets the English versions of IE 7 and 8 in Windows XP and IE 8 on Windows 7, security firm FireEye warned in a company blog post Friday. However, the security researcher wrote that its analysis indicated that other languages and browser version could be at risk.

New zero-day bug targets IE users in drive-by attack

posted onNovember 11, 2013
by l33tdawg

A pair of vulnerabilities in Internet Explorer currently being exploited in the wild to install malware on computers that visit at least one malicious Web site, security researches warn.

The classic drive-by download attack targets the English versions of IE 7 and 8 in Windows XP and IE 8 on Windows 7, security firm FireEye warned in a company blog post Friday. However, the security researcher wrote that its analysis indicated that other languages and browser version could be at risk.

IE8 Exploit Had US Nuke Workers in Its Sights

posted onMay 7, 2013
by l33tdawg

A zero-day vulnerability in Internet Explorer 8 let hackers compromise a U.S. Department of Labor website linked to a database used by former Energy Department employees who had worked with nuclear weapons or uranium. That database was also used by Labor Department claims examiners.

Security firm Invincea, which reported the attack, has advanced the possibility that the hackers were compromising one U.S. government department in order to attack another.

Microsoft to patch IE10 Pwn2Own bugs next week, says security expert

posted onApril 5, 2013
by l33tdawg

Microsoft today said it will ship nine security updates next week, two rated "critical," to patch Internet Explorer (IE), Windows, SharePoint Server, Office Web Apps and the company's anti-malware software in Windows 8 and RT.

One security expert put his money on the IE update as the most important of the pending, in part because he expects Microsoft to fix the flaws revealed a month ago at the Pwn2Own hacking contest.

Microsoft Patch Tuesday targets Internet Explorer drive-by attacks

posted onMarch 8, 2013
by l33tdawg

Internet Explorer vulnerabilities warrant notice in this month's set of Microsoft Patch Tuesday bulletins and need to be fixed quickly even though the sheer number of patches may seem daunting.

The weaknesses leave users open to drive-by attacks where malicious code is downloaded without the user's knowledge while browsing. Not patching them because they are time-consuming will just widen the window of opportunity hackers have to exploit them, says Alex Horan, a senior product manager at CORE Security.

Pwn2Own, Pwnium Attract Dollars and 0-Days by the Bushel

posted onMarch 5, 2013
by l33tdawg

The new year is barely two months old and it's already been a brutal one for the disclosure of new vulnerabilities. Java, Adobe Reader, Flash, Google Chrome and a number of other widely deployed applications have all been hit with a slew of serious bugs in just the last few weeks. And that's likely to get worse this week as researchers convene in Vancouver for the Pwn2Own and Pwnium hacking contests.

Internet Explorer market share up again, Chrome slips

posted onMarch 1, 2013
by l33tdawg

The browser market share figures are in for February 2013, and Internet Explorer has risen once again at the expense of Chrome, while Firefox, Safari and Opera also managed to gain users. Last month Internet Explorer managed to pass 55% global market share, according to Net Applications, and this month the most popular browser rose again to 55.82% (up 0.68% from 55.14%) to keep its commanding lead in check.