On Tuesday, Google revealed cyberattacks against it and other U.S. companies. Within two days, security researchers had traced one of the open doors back to Internet Explorer. Microsoft has admitted that a remote code execution (RCE) vulnerability exists in IE.
“Based upon our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks,” said Mike Reavy, Microsoft Security Response Center director.
On Thursday, Microsoft issued guidance to help customers mitigate the RCE vulnerability in Internet Explorer. Microsoft has not seen widespread consumer impact from the vulnerability, but may release an out-of-band patch to address the issue. Reavy also said Microsoft is cooperating with Google and other companies, as well as authorities and other industry partners.
Major Ramifications
McAfee CTO George Kurtz explained how the attack works in a blog post: The intruders gained access by sending a tailored attack to one or a few targeted individuals. McAfee suspects these individuals were targeted because they likely had access to valuable intellectual property. These attacks will look like they come from a trusted source, he said, leading the target to fall for the trap and click a link or file. That’s when the exploitation takes place, using the vulnerability in Microsoft’s Internet Explorer.
Kurtz said once the malware is downloaded and installed, it opens a back door that allows the attacker to perform reconnaissance and gain complete control over the compromised system. The attacker can now identify high-value targets and start to siphon off valuable data, he explained.
“It’s hard to imagine a cyber breach with bigger ramifications than this one unless it involved some infrastructure capacity. The scope and the targeting of this breach should grab every CEO’s attention,” said Andrew Storms, director of security operations for nCircle. “If Google got…
Buy This Item: [Click here to buy this item]