Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: New Internet Explorer 10 zero-day exploit targets U.S. military

14 Feb 2014   #1
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 10
New Internet Explorer 10 zero-day exploit targets U.S. military

A new zero-day exploit within IE 10 has been discovered in what is called "Operation Snowman," resulting in rapid investigation by Microsoft.

Discovered by security researchers from FireEye and dubbed "Operation Snowman," the campaign -- believed to be operating out of China -- is similar to Operation DeputyDog and Operation Ephemeral Hydra, both of which used zero-day flaws to deliver remote access trojans in order to hit strategically important targets.

According to the researchers, the zero-day exploit in Operation Snowman (CVE-2014-0322) is a "classic drive-by download attack," a phrase relating to browser-based attacks that hoodwink website visitors in to visiting malware-infected sites. The security firm says the attackers added an iframe to the VFW website's HTML code which then loaded the infected page in the background. When this code is loaded within the IE 10 browser, a Flash object is ran which downloads, decodes and executes an XOR-encoded payload from a remote server.
However, if a user is browsing with a different version of IE or has installed Microsoft’s Experience Mitigation Toolkit (EMET), the exploit will not function.
The Redmond giant has confirmed the vulnerability, stating:
"Microsoft is aware of targeted attacks against Internet Explorer, currently targeting customers using Internet Explorer 10. We are investigating and we will take appropriate actions to help protect customers."
New Internet Explorer 10 zero-day exploit targets U.S. military | ZDNet

My System SpecsSystem Spec


 New Internet Explorer 10 zero-day exploit targets U.S. military

Thread Tools

Similar help and support threads
Thread Forum
Microsoft patch fixed IE flaw used against U.S. military
Source A Guy
Security News
Another Java zero-day exploit in the wild actively attacking targets
Source A Guy
Security News
Military Smartphone Malware Designed to Steal Your Life
Source A Guy
Security News
Exploit Eleonore Exploit Kit (type 1194) help!
Twice whilst playing CS:S I have had the following message pop up. I have scanned with both Malwarebytes and AVG and nothing has been detected. What should I do? I was on the same server both times. I have looked through my...
System Security
New zero-day exploit targets Adobe Reader
more: computerworld

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 20:50.

Twitter Facebook Google+

Windows 7 Forums

Seven Forums Android App Seven Forums IOS App