Jan 14 2010

China Attackers Exploited Internet Explorer

Chinese attackers who mounted attacks on Google were able to do so by exploiting vulnerabilities in Microsoft’s browser, Internet Explorer, according to new info from McAfee. Microsoft was supposed to release an advisory about the Internet Explorer hole but has not done so yet.

The security flaw involves Internet Explorer’s handling of JavaScript. The malware involved opens a “back door” that allows the attacker to enter and control the entire compromised system. The attackers targeted only a few specific individuals. Internet Explorer is vulnerable to this attack on all recent Microsoft operating systems, including Windows 7.

Initially security researchers thought that a vulnerability in Adobe Reader was the problem. Adobe denied this, and it turns out they were right–their software appears to have no security issues associated with this recent attack.

Google released information about the attacks on Tuesday. They were not the only US company to be attacked: Adobe, Yahoo, Symantec, Juniper Networks, Northrop Grumman, and Dow Chemical were also targeted.

Via CNET, image via Microsoft.

3 Comments on this post


  1. It’s Time to Ditch Internet Explorer | NetbookBoards.com wrote:

    […] despite its many flaws and the plethora of better alternative browsers available for download. The recent attack on Google in China, however, has truly shown that it is time to stop using IE and switch to a […]

    January 19th, 2010 at 1:15 am
  2. Internet Explorer Under Attack, Again - Netbookboards wrote:

    […] new threat is not the same as the one used against Google in China. This malware replaces the code of “MessageBeep API” so that Internet Explorer cannot play a […]

    January 24th, 2010 at 6:08 pm
  3. Google Will End IE6 Support | NetbookBoards.com wrote:

    […] with Microsoft’s Internet Explorer 6. After all, it was a vulnerability in IE6 that allowed Chinese hackers to mount an attack against Google and target Chinese human rights activists’ Gmail accounts. […]

    January 31st, 2010 at 12:02 am


You must be logged in to post a comment.


Site Value
My site is worth:
What's your
Site Value?

Popular Posts