Monday, November 23, 2009 2:28 PM
cmosby
Internet Explorer Vulnerability Exploit Detected – Tren Labs Malware Blog
Threat researchers have been alerted to the discovery of a new exploit targeting Internet Explorer. Analysts have conducted tests and confirmed that the exploit affects versions 6 and 7 of the browser. Although the exploit is currently unreliable, cybercriminals may be able to create a reliable exploit in the near future. This may allow them to exploit websites and infect visitors. However, an attack may only succeed if hackers lure victims to specially crafted malicious Web pages or compromised websites. The attack also requires JavaScript in order to exploit Internet Explorer.
The exploit targets a vulnerability with regard to how Internet Explorer uses cascading style sheet (CSS) information. Trend Micro detects this exploit as HTML_SHELLCOD.WT and protects users via the Smart Potection Network.
Internet Explorer users are advised to make sure their antivirus definitions are up-to-date. Disabling JavaScript and visiting trusted sites until fixes become available from Microsoft are also suggested.
SHARETHIS.addEntry({ title: "Internet Explorer Vulnerability Exploit Detected", url: "http://blog.trendmicro.com/internet-explorer-vulnerability-exploit-detected/" });