Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: info@c2techs.net

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • Privacy Policy
FREECONSULT
Tuesday, 08 January 2013 / Published in Woo on Tech

Latest Zero-Day IE Exploit Still Vulnerable after MS Patch

Patched IE

According to security firm Exodus, the patch to Internet Explorer 6, 7 and 8 released on December 31 only fixed one of several ways to exploit a weakness in Microsoft’s browser. In their research on this exploit, Exodus continued to develop more aggressive ways to exploit the documented weakness and in doing so, uncovered a means that bypasses Microsoft’s fix, but are witholding details from the public until Microsoft has a chance to address their findings. A number of human rights and government sites have been compromised with malware agents that exploit this weakness and appears to be part of a larger campaign by the “Elderwood Gang” – a highly effective and well-backed group of hackers that have been targeting high-profile government sites since 2009, ostensibly with financial and espionage-based goals.

What this means for you:

Internet Explorer 6, 7 and 8 are still considered vulnerable, though no one has documented any websites yet taking advantage of the exploits discovered by Exodus. The fact that there are still holes in IE browser security will not go unnoticed, and if Exodus can develop work-arounds for Microsoft’s patch, you can bet groups like “Elderwood” will be able to do the same, if they haven’t already. Your best short-term solution is to either use another browser like Chrome or Firefox until Microsoft can fully patch this weakness, or upgrade your Internet Explorer to version 9 or 10 as soon as possible. If you are working for an organization or using software that requires backward compatibility to IE 7 or 8, you should consider having a serious discussion with the IT department about their reasons for maintaining what is increasingly becoming an untenable stance. If you are required to use IE 6 for some unfathomable reason, you should stop what you are doing immediately and consult with an IT professional, as IE 6 is a magnet for security exploits.

  • Tweet
Tagged under: browser, elderwood, exploit, internet explorer, microsoft, patch, security, zero day

What you can read next

Network Vulnerabilities Discovered in Medical Devices
Under Attack!
Security 1-2-3
Another Flaw Found in Intel Processors

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Update your tech vocabulary for 2023

    If there is one thing that the Internet excels ...
  • We sold our souls, but not how you might think.

    Part of an occasional series of articles that d...
  • “Low on Cyan.”*

    If you catch me at the end of a frustrating day...
  • GPTBot starts crawling the web. Resistance is futile.

    I know some of you are Trekkies, and even if yo...
  • Surprise, surprise. Hackers are using AI to bolster their attacks.

    The FBI held a press conference last week to co...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP