Security researchers continued on Monday to
refine the basic Internet Explorer exploit used by China-based
attackers to compromise systems at Google and up to 33 other

On Thursday, an unknown submitter posted the original
exploit code, which takes advantage of a flaw in all versions of
Microsoft's Internet Explorer, to

, a malware analysis project run by the Computer Security
Group at the University of California at Santa Barbara. The next day,
the Metasploit project

added a module
to its framework to exploit the vulnerability.

The original exploit only worked on Internet Explorer 6 running
on Windows XP, Metasploit's researchers stated. The attack did not
implement known methods for getting around security measures in IE 7
and IE 8, according to Dan Kaminsky, director of penetration testing
for security firm IOActive.

Уведомить о
0 комментариев
Межтекстовые Отзывы
Посмотреть все комментарии