McAfee Blames IE Hole for Google-China Hack

[nsane.forums]

McAfee said that the Google hackers used an unknown exploit in Internet Explorer.

View: Original Article

[Toshiro]

McAfee notifies Redmond of vulnerability

In a move bound to cause red faces at Redmond, Microsoft has been forced to admit that a flaw in its Internet Explorer (IE) browser was the route by which Chinese hackers sought to infiltrate Google's corporate systems.

"Based on our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks," wrote Mike Reavey, director of the Microsoft Securtity Response Center, in a blog posting.

Microsoft's announcement came after McAfee's chief technology officer, George Kurtz, wrote in a blog posting that the firm had discovered a new vulnerability in IE that had been exploited by the hackers.

"In our investigation we discovered that one of the malware samples involved in this broad attack exploits a new, not publicly known vulnerability in Microsoft Internet Explorer," he said.

Kurtz added that the targeted attack used tried and tested methods to get users to click on a link that then compromised their machine.

"These attacks will look like they come from a trusted source, leading the target to fall for the trap and clicking a link or file. That's when the exploitation takes place, using the vulnerability in Microsoft's browser," he added.

As a result of this, Microsoft issued guidelines to help customers reduce the risk of further attacks and called on firms to remain vigilant against the continued threats that exist.

"Attacks targeting specific corporate networks are becoming more prevalent in the threat landscape and organisations should follow defence-in-depth best practices, and deploy multiple layers of protection to improve their security posture," added Reavey.

View: Original Article

[ROMANTICGUY50]

Good Reason Not To Use IE Still prefer Fixfox