Security researchers continued on Monday to
refine the basic Internet Explorer exploit used by China-based
attackers to compromise systems at Google and up to 33 other
companies.

On Thursday, an unknown submitter posted the original
exploit code, which takes advantage of a flaw in all versions of
Microsoft’s Internet Explorer, to

Wepawet
, a malware analysis project run by the Computer Security
Group at the University of California at Santa Barbara. The next day,
the Metasploit project

added a module
to its framework to exploit the vulnerability.

The original exploit only worked on Internet Explorer 6 running
on Windows XP, Metasploit’s researchers stated. The attack did not
implement known methods for getting around security measures in IE 7
and IE 8, according to Dan Kaminsky, director of penetration testing
for security firm IOActive.

Оставить мнение

Check Also

Espruino Pico. Учимся программировать USB-микроконтроллер на JavaScript и делаем из него токен авторизации

Несмотря на огромное количество устройств на базе микроконтроллеров, созданных на волне ус…