Dan Goodwin recently reported that a new Internet Explorer exploit has been released into the wild. The exploit, known as CVE-2010-0249, attacks a known vulnerability in Internet Explorer and was most notably used to compromise Google. Luckily, networks with an Astaro Security Gateway are protected against this threat.
Astaro is connected to the Microsoft Active Protection Program and therefore it is possible for the product’s IPS to recognize and block attacks before other vendors are able to do so.
According to the Goodwin article, this attack has been in existence and remained undetected for almost nine years. Obviously this attack is "highly sophisticated" and the only reason we are aware of the exploit now is because a very prominent company (Google), was targeted and compromised. It is important to note that Internet Explorer version 8 and Windows 7 were both able to withstand this attack- once again confirming the importance of updating your software.
Microsoft is encouraging Internet Explorer users to upgrade version 8, a move that will help protect users from other known vulnerabilities. I believe the Google compromise is just the tip of the iceberg. Just because we are now aware of this exploit does not mean all networks and systems are fixed. Now that the vulnerability in Internet Explorer has been publicized we can expect more attacks looking to take advantage of the vulnerability until a patch is made.
The next patch is scheduled for February 9th, however there is speculation a patch may be issued prior to the scheduled patch date. A final thought about this exploit is how it transcends international borders. The cyber-criminals who created this exploit are from China but used the global reach of Internet Explorer to gain access to email accounts of users who trust Google from all over the world. We truly live in a global world.
Leave a Reply