Internet Explorer | Breaking Cybersecurity News | The Hacker News

Microsoft has released an advance notification of 9 security bulletins that it plans to release on April 9, 2013. Microsoft said it will patch nine vulnerabilities in total and two of them rated critical and that of the remaining 7 as Important. The critical vulnerabilities are remote code execution issues. First vulnerability affects Microsoft Windows and Internet Explorer while the second vulnerability affects Microsoft Windows.  The vulnerability will fix a flaw that allows a drive-by attack, which hackers can exploit to attack machines running the software using malware loaded websites. Earlier this year, Microsoft released an emergency update for Internet Explorer after all the commotion about the security holes in Java. The update aimed to patch a security vulnerability in Internet Explorer that is being used for attacks on government contractors and other organisations. The remaining 7 vulnerabilities pertain to issues affecting Microsoft Office, Microsof...

Microsoft next updates are fully loaded with 57 different security vulnerabilities through 12 separate updates. It will roll out fixes as it always does on Patch Tuesday, the second Tuesday of every month. Anyone who uses Windows as their primary operating system will be quite familiar with Patch Tuesday. According to Microsoft's advisory , The 12 security update including two for Internet Explorer (IE), that will patch a near-record 57 vulnerabilities in the browser, Windows, Office and the enterprise-critical Exchange Server email software. Part of this update will be security patches for every single version of Internet Explorer. Apparently, this is to address a security hole that leaves users open to being exploited through drive-by attacks. Out of the 12 updates, five are considered “ critical, ” and others are labeled “ important, ”. As always, the critical patches will automatically install for any Windows users with automatic updates enabled. Two of...

Last week we have seen ongoing attacks was exploiting a vulnerability in Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 that came to light after the Council on Foreign Relations website was hacked and was hosting the code. Symantec has linked exploits to the group responsible for a spate of recent espionage attacks Dubbed the " Elderwood Project ". In May 2012, Amnesty International’s Hong Kong website was compromised & used to serve up a malicious SWF file that exploited CVE-2012-1875, a vulnerability affecting Internet Explorer. A few months later in Sep 2012, the same group behind that attack was responsible for using another IE zero-day CVE-2012-4969. Microsoft issued a temporary Fix-it patch for the vulnerability but now researchers are claiming that they have bypassed the patch and were able to compromise a fully patched system. Name comes from a source code variable used by the attackers. In the past, the group has used a mix o...

Last week Council on Foreign Relations website was compromised and recently hit by a drive-by attack using a zero day Internet Explorer 6 vulnerability for Cyber Espionage attack, suspected by Chinese Hackers. Later Microsoft confirmed that  Internet Explorer 6, 7, and 8 are vulnerable to remote code execution hacks. According to researcher  Eric Romang , CFR watering hole attack (CVE-2012-4969 and CVE-2012-4792) has also target Capstone Turbine Corporation website since mid-September. He was able to find a cached version of the first JavaScript that starts the drive-by attack. Then on further search finds that by doing a Google dork search site:capstoneturbine.com “_include”  we can see something strangely like CFR.org “news_14242aa.html“ file. Capstone Turbine Corporation is the world’s leading producer of low-emission microturbine systems, and was first to market with commercially viable microturbine energy products. Capstone Turbine has shipped tho...

Last Friday, we reported that the website of the U.S. Council of Foreign Relations was allegedly compromised by Chinese hackers who exploited the zero-day bug that was only discovered that same day. The CFR website was compromised with JavaScript that served malicious code to older IE browsers and the code then created a heap-spray attack using Adobe Flash Player. Yesterday former hacker Bryce Case Jr (YTCracker) tweeted about a new zero day exploit threatening all users of IE8, " internet explorer 6-8 0day making the rounds force them toolbar installs and keyloggers on exgf while you still can... ". On Saturday, Microsoft published a security advisory warning users of Internet Explorer 6, 7, and 8 that they could be vulnerable to remote code execution hacks. The vulnerability is a remote code execution vulnerability that exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vuln...

Web site for the Council on Foreign Relations was compromised and recently hit by a drive-by attack that was detected earlier this week. Hacker are suspected to be from China , who are exploiting a zero day  Internet Explorer vulnerability for Cyber Espionage attack against one of American most elite foreign policy web groups. According to Fireeye  researchers, a malicious content on the website was hosted by hackers, that is exploiting Internet Explorer version 8.0 (fully patched version) to hack windows systems of visitors. " We have chosen not to release the technical details of this exploit, as Microsoft is still investigating the vulnerability at this time. "  Once the system compromised, hackers look for valuable information from their computers, kinda Cyber Espionage. The FBI was notified of the attack and is said to be investigating. The CFR is one of the most elite foreign policy organizations in the United States w...

A vulnerability in different versions of Microsoft‘s widely used browser Internet Explorer can allow hackers to track the movements of your mouse. Microsoft is investigating reports of a mouse-tracking flaw that puts virtual keyboards and keypads at risk to remote monitoring. Spider.io, a UK-based company in the advertising analytics field, alleged that two unnamed companies are improperly using a flaw that allows them to track whether display advertisements, sometimes buried far down in web pages, are actually viewed by users. Almost every US-based user of Internet Explorer will have their mouse cursor tracked via this exploit almost every day they browse the web. Microsoft has confirmed that every version of Internet Explorer, from version 6 dating back to 2001 up to 10, released this year, is vulnerable. How this works ? All a hacker needs to do is, buy a ad space on any webpage and wait until a user visits it. If the tab remains open, the hacker has continuous access to use...

With the release of the Microsoft security bulletins for December 2012, Company flag total 7 updates for Windows users, where one is rated as critical that could lead to remote code execution, where as other two are rated as important which fix flaws that could result in the operating system's security features being bypassed. All of the IE fixes involve use-after-free memory vulnerabilities. Where as kernel level exploits bundled into mass-exploitation kits is like Blackhole. In addition to IE, Microsoft is fixing a critical flaw in Microsoft Word that could enable attackers to execute remote code. The vulnerability could be exploited by way of a malformed Rich Text Format (RTF) document. Also Fonts can also be used as a potential attack vector, as this Patch Tuesday reveals. A pair of critical font parsing vulnerabilities are being patched this month, one for OpenType and the other for TrueType fonts. Details of all Updates : MS12-07...

The new zero day exploit has been discovered and being exploited in the wild. This can be used to load malicious application on victim machines running fully patched Windows XP SP3 along with the latest editions of the IE 7 and IE 8 browser and Adobe's Flash software. Eric Romang  was  examining one of the servers used to launch attacks on vulnerable Java installations in past, and he says that he has found a new zero day exploit for Microsoft's Internet Explorer web browser. He said, " I can confirm, the zero-day season is really not over yet ." AlienVault Labs researcher Jaime Blasco reported that, " the gang behind the Java attacks in August and September may be moving on: with domains used in that attack located at new IP addresses and serving up the new and more potent attacks ." As shown in above image example, the file exploit.html creates the initial vector to exploit the vulnerability and loads the flash file Moh2010.swf, which ...

Microsoft has issued a warning about a significant flaw in the Internet Explorer browser that could allow hackers to control unprotected computers. The vulnerability permits hackers to inject malware into any system by tricking users into visiting malicious websites. This affects anyone using Internet Explorer (IE) versions 6 to 8. The exploit code for this bug has already been published. Although Microsoft has stated there is no current evidence of its use by criminals, they are "investigating" and working on a permanent fix, according to a report by the Daily Mail. Dave Forstrom, director of Microsoft's Trustworthy Computing group, said, "We're currently unaware of any attacks trying to use the claimed vulnerability or of customer impact." The bug targets how the browser manages a computer's memory when processing Cascading Style Sheets (CSS), which are design instructions that dictate the appearance of most web pages. Hackers can inject their own...

An exploit exploiting an unpatched vulnerability in Internet Explorer (IE) has gone public. Security researcher Shahin Ramezany announced in a Tuesday tweet that he successfully exploited the flaw, which involves how IE handles CSS style sheets on Windows 7 and Vista machines. Offensive Security, a provider of security tools and training, posted a video demonstrating the code execution on Monday. On Wednesday, the exploit code was added to the open-source Metasploit hacking toolkit. This flaw can bypass two built-in Windows security features: Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR), according to Ramezany. Microsoft has not yet confirmed the vulnerability. "We're currently unaware of any attacks trying to use the claimed vulnerability or of customer impact," said Dave Forstrom, director of trustworthy computing at Microsoft, in an email to SCMagazineUS.com on Wednesday. "Once we're done investigating, we will take appropriat...

A new computer worm is denying Facebook users access to their accounts. The worm, named "W32.Yimfoca" by the security company Symantec, spreads through Yahoo! Messenger and specifically targets Facebook users. It forces them to complete surveys before they can log into their profiles. The worm begins by sending an instant message containing a corrupted link. When a user clicks the link, the worm installs malware on their system. Later, when users visit Facebook, they see a message stating, "Your account is suspended. To make your account active, you need to complete one of these surveys," followed by a list of options like "Test Your Celebrity IQ here" and "Win a FREE iPhone 4." If users choose to fill out a survey, another message appears: "You have only 3 minutes to fill out the selected survey or you will not have access to your account." Each time a survey is completed, the creators of the worm earn $1, according to Symantec. The ...