Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: New Internet Explorer 10 zero-day exploit targets U.S. military

14 Feb 2014   #1

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1 Pro
 
 
New Internet Explorer 10 zero-day exploit targets U.S. military

Quote:
A new zero-day exploit within IE 10 has been discovered in what is called "Operation Snowman," resulting in rapid investigation by Microsoft.

Discovered by security researchers from FireEye and dubbed "Operation Snowman," the campaign -- believed to be operating out of China -- is similar to Operation DeputyDog and Operation Ephemeral Hydra, both of which used zero-day flaws to deliver remote access trojans in order to hit strategically important targets.

According to the researchers, the zero-day exploit in Operation Snowman (CVE-2014-0322) is a "classic drive-by download attack," a phrase relating to browser-based attacks that hoodwink website visitors in to visiting malware-infected sites. The security firm says the attackers added an iframe to the VFW website's HTML code which then loaded the infected page in the background. When this code is loaded within the IE 10 browser, a Flash object is ran which downloads, decodes and executes an XOR-encoded payload from a remote server.
Quote:
However, if a user is browsing with a different version of IE or has installed Microsoft’s Experience Mitigation Toolkit (EMET), the exploit will not function.
Quote:
The Redmond giant has confirmed the vulnerability, stating:
"Microsoft is aware of targeted attacks against Internet Explorer, currently targeting customers using Internet Explorer 10. We are investigating and we will take appropriate actions to help protect customers."
New Internet Explorer 10 zero-day exploit targets U.S. military | ZDNet

My System SpecsSystem Spec
.

Reply

 New Internet Explorer 10 zero-day exploit targets U.S. military




Thread Tools



Similar help and support threads for2: New Internet Explorer 10 zero-day exploit targets U.S. military
Thread Forum
Another Java zero-day exploit in the wild actively attacking targets Security News
Exploit Eleonore Exploit Kit (type 1194) help! System Security
High-risk internet server exploit goes wild System Security
New zero-day exploit targets Adobe Reader News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 09:03 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33