Security researchers continued on Monday to
refine the basic Internet Explorer exploit used by China-based
attackers to compromise systems at Google and up to 33 other
companies.

On Thursday, an unknown submitter posted the original
exploit code, which takes advantage of a flaw in all versions of
Microsoft's Internet Explorer, to

Wepawet
, a malware analysis project run by the Computer Security
Group at the University of California at Santa Barbara. The next day,
the Metasploit project

added a module
to its framework to exploit the vulnerability.

The original exploit only worked on Internet Explorer 6 running
on Windows XP, Metasploit's researchers stated. The attack did not
implement known methods for getting around security measures in IE 7
and IE 8, according to Dan Kaminsky, director of penetration testing
for security firm IOActive.

  • Подпишись на наc в Telegram!

    Только важные новости и лучшие статьи

    Подписаться

  • Подписаться
    Уведомить о
    0 комментариев
    Межтекстовые Отзывы
    Посмотреть все комментарии