Since news broke last week of Google’s threat to pull its operations out of China, there has been much speculation around the targeted attacks involved. Part of this discussion has revolved around the Hydraq Trojan being used to exploit an Internet Explorer vulnerability.
The vulnerability affects Internet Explorer 6, 7 and 8, which make up the bulk of the versions used today. Since the exploit code has been made public and is available for anyone to download (and use to make attacks), it is highly likely we will see it being used in more Web-based attacks.
Based upon its functionality, we can surmise that the intent of the trojan is to open a back door on a compromised computer allowing a remote attacker to monitor activity and steal information from not only the compromised computer, but the larger infrastructure to which the computer is connected.
“Based on our in-the-field detections, this security vulnerability has only been used in a very limited number of targeted attacks so far, however they appear to be very high profile attacks,” said Joshua Talbot, security intelligence manager, Symantec Security Response. “Despite the fact that we’ve seen just limited attacks using this vulnerability, with exploit code public, there is no reason to think we won’t see more attack attempts.”
Microsoft has announced that on Thursday, January 21, it will release an emergency patch to fix the Internet Explorer security vulnerability. Symantec strongly encourages users to patch their systems against this vulnerability. In addition, enterprises are encouraged to consider implementing an automated patch management solution to help mitigate risk.
The vulnerability affects Internet Explorer 6, 7 and 8, which make up the bulk of the versions used today. Since the exploit code has been made public and is available for anyone to download (and use to make attacks), it is highly likely we will see it being used in more Web-based attacks.
Based upon its functionality, we can surmise that the intent of the trojan is to open a back door on a compromised computer allowing a remote attacker to monitor activity and steal information from not only the compromised computer, but the larger infrastructure to which the computer is connected.
“Based on our in-the-field detections, this security vulnerability has only been used in a very limited number of targeted attacks so far, however they appear to be very high profile attacks,” said Joshua Talbot, security intelligence manager, Symantec Security Response. “Despite the fact that we’ve seen just limited attacks using this vulnerability, with exploit code public, there is no reason to think we won’t see more attack attempts.”
Microsoft has announced that on Thursday, January 21, it will release an emergency patch to fix the Internet Explorer security vulnerability. Symantec strongly encourages users to patch their systems against this vulnerability. In addition, enterprises are encouraged to consider implementing an automated patch management solution to help mitigate risk.
0 comments:
Post a Comment