Internet Explorer zero-day flaw being exploited

2013-10-09 14:15


Cape Town - A zero-day vulnerability has been discovered in Microsoft's Internet Explorer that could give hackers access to a computer.

"Researchers have observed attacks using this remote code execution vulnerability to install malware that attempts to disable the user's security products and redirects banking sites to a malicious IP address," security firm Trustwave said.

A zero-day vulnerability is a flaw that is already known, but for which a software patch has not yet been built.

Trustwave discovered that hackers are exploiting the vulnerability in Internet Explorer 8 "in the wild" by using it to install malware on infected machines.

The distribution model is closely linked to visiting compromised websites and the target has mainly been users of online banking platforms, Trustwave said.


So far, it appears that the attacks have been limited to computers that are set to run in Korean and Japanese.

"This Internet Explorer zero-day is currently used only on a small number of websites, and the attack was limited by its programmer to Japanese and Korean users. However, based on past experience, new drive-by exploits are quickly copied to other malicious sites because they can work against large number of users," said Trustwave director of Security Research Ziv Mador.

The company added that the vulnerability extends to Windows XP and 7 platforms, and that the flaw was reported to Microsoft.

It is recommended that users download the latest Microsoft patch issued on Tuesday by enabling Windows Updates.

Internet Explorer's share of users declined to 12.1% from 16.4% a year ago, far behind market leader Chrome, which commands 53.2% of the browser market, according to

Mador indicated that user banking information was the target of the attacks.

"The malware in the specific attack we observed is responsible for a number of malicious activities: It attempts to disable any security products that may be running on the victim's computer, redirects banking sites to a malicious IP address, and tries to steal credentials to popular online games."

- Follow Duncan on Twitter