As predicted, the zero-day flaw in multiple versions of Microsoft’s web browser, Internet Explorer, is now being actively exploited by multiple APT (Advanced Persistent Threat) groups in attacks that are targeting large numbers of people. The most publicized and successful of these attacks have been focused on government websites. Their primary purpose: to install rootkits on government workers’ machines to facilitate access to confidential government documents. On top of the growing number of attacks leveraging this weakness, the Metasploit framework (an open-source hacking tool used by security researchers and white-hat hackers) just released a module to the public that demonstrates how this security flaw can be used to hack IE, theoretically making it even easier for malicious agents to understand the flaw and develop their own exploits. Microsoft has yet to say when a patch will be released to fix this weakness, which affects just about every version of IE from 6 through 10.
What this means for you:
If you are using Internet Explorer, whether by corporate mandate or by choice, make sure you’ve applied Microsoft’s temporary fix, or ask your IT guy if they’ve distributed the fix throughout the company. If you work for the government, either as an employee or contractor, be extra wary of strange behavior on your computer, and ensure that your antimalware software is fully functional and up to date.
If you are using some other browser, you don’t have to worry about this particular exploit, but as always, remain ever vigilant and make sure your OS, software and antimalware are fully patched!