Search My Blog

Friday, January 15, 2010

Microsoft Admits Zero-Day Aided Google Attackers - InternetNews.com

Microsoft Admits Zero-Day Aided Google Attackers

Software giant acknowledges flaw in Internet Explorer, but is there a workaround?

    January 14, 2010

By Stuart J. Johnston: More stories by this author:

Microsoft officials acknowledged that widely publicized attacks on Google and perhaps another 20 or more corporations were helped by a previously unknown zero-day (define) vulnerability in most versions of its popular browser.

Thursday, Microsoft (NASDAQ: MSFT) released a Security Advisory, warning customers of the Internet Explorer breach and providing workarounds that basically call for cranking security in the browser up to 11.

"Based upon our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google (NASDAQ: GOOG) and possibly some 20 other corporate networks," a post on the Microsoft Security Response Center blog said.

The post coincided with a blog post by McAfee CTO George Kurtz, stating that the antivirus firm had found IE had been used in the attacks and had informed Microsoft of its findings.

Read more...
http://www.internetnews.com/security/article.php/3858866/

Don

No comments: