Results 1 to 5 of 5

Thread: 'State-sponsored attackers' using IE zero-day to hijack GMail accounts.

  1. #1
    hackerman1 is offline Senior Member
    Join Date
    Dec 2008
    Location
    Sweden
    Posts
    1,525

    Default 'State-sponsored attackers' using IE zero-day to hijack GMail accounts.

    Hi !

    "'State-sponsored attackers' using IE zero-day to hijack GMail accounts."

    Summary: Microsoft’s advisory speaks of “active attacks” and follows a separate note from Google that references the IE flaw “being actively exploited in the wild for targeted attacks.

    Microsoft and Google have separately warned about a new Internet Explorer zero-day being exploited to break into GMail accounts. The browser flaw, which is currently unpatched, expose Windows users to remote code execution attacks with little or no user action (drive-by downloads if an IE users simply surfs to a rigged site).
    Microsoft’s advisory speaks of “active attacks” and follows a separate note from Google that references the IE flaw “being actively exploited in the wild for targeted attacks.”
    A source close to these investigations confirm that these attacks prompted Google’s recent decision to warn GMail users about “state-sponsored attackers."


    Microsoft’s explanation of the issue:
    The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to visit such a website.
    Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker’s website.
    The vulnerability affects all supported releases of Microsoft Windows, and all supported editions of Microsoft Office 2003 and Microsoft Office 2007.

    The vulnerability exists when MSXML attempts to access an object in memory that has not been initialized, which may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user."

    full story: 'State-sponsored attackers' using IE zero-day to hijack GMail accounts | ZDNet



    Javascripts can be very dangerous !
    Thatīs the reason why itīs important to block scripts from running on all unknown webbsites.
    Personally iīm using Firefox with an addon called "NoScript" which blocks all javascripts on new sites.
    Last edited by hackerman1; 15th June 2012 at 18:05.

  2. #2
    HappyAndyK's Avatar
    HappyAndyK is offline Site Administrator
    Join Date
    Jun 2008
    Posts
    7,559

    Default

    Thanks for the post hackerman1!

    Just added NoScript to my Firefox.

  3. #3
    Dan Arendt is offline New Member
    Join Date
    Jun 2012
    Location
    Albany, Oregon USA
    Posts
    1

    Default

    It's good to know Microsoft puts user security over flash-based "cookie/ping" tracking! For years, here and there I support the work of the Tor Project, orginating in Naval Intelligence and Linux; for me the key Tor element is the excellent blockage not only of Javascript/flash threats but also warnings to re-direct from sites such as those loaded with Flame. Being an anonymizing vpn to boot, Tor however can be very slow for routine business so aggain kudos to Microsoft for evolving a fix on the Windows system.

  4. #4
    hackerman1 is offline Senior Member
    Join Date
    Dec 2008
    Location
    Sweden
    Posts
    1,525

    Default

    Quote Originally Posted by HappyAndyK View Post
    Thanks for the post hackerman1!

    Just added NoScript to my Firefox.
    Huh ?
    I thought that you already had NoScript installed...

  5. #5
    HappyAndyK's Avatar
    HappyAndyK is offline Site Administrator
    Join Date
    Jun 2008
    Posts
    7,559

    Default

    ^ I use FF less frequently, preferring IE instead. Every once in a while when I find find FF slowing down, I go in a frenzy and disable/delete its addons.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22