Google & Adobe Attacked via IE Vulnerability

Google has reported that it has been attacked and can prove that the attacks came from China. The attacks were originally reported to have leveraged Adobe's zero-day vulnerability that was patched last week; however, new reports and a retraction indicate that the single attack vector used in the Google attacks was the Microsoft zero-day Internet Explorer vulnerability. According to the vice president of threat research at McAfee, the unpatched vulnerability in IE was the only exploit used to hack into several companies attacked in December and early January. McAfee did not collaborate with all victims of the attacks, but in all its cases the evidence was the same.

The code that was used in the attacks is now hosted on a public server. It is also included in at least one publicly available hacking tool and can be seen in online attacks. 33 other companies were also targeted by the attack, including Adobe Systems, Symantec and Juniper Networks. Yahoo, Northrop Grumman and Dow Chemical were investigating the incident and have also been named as victims in published reports.

Judging from the amount of concern being heard, an out-of-cycle patch is a strong possibility.

http://www.wired.com/threatlevel/2010/01/operation-aurora/
