[Owasp-singapore] After the recent Firefox 0-day, now it is IE's turn.

Wong Onn Chee ocwong at usa.net
Wed Nov 3 22:12:27 EDT 2010


http://www.microsoft.com/technet/security/advisory/2458511.mspx
http://www.cso.com.au/article/366801/hackers_exploit_unpatched_ie_bug_drive-by_attacks?eid=-302&uid=45760

"Antivirus vendor Symantec said that it had first seen exploits aimed at
the IE bug several days ago when it came across spam that had been sent
to select individuals within some organizations. The messages posed as
hotel reservation notifications.

"Within the e-mail, the perpetrators added a link to a specific page
hosted on an otherwise legitimate site," said Symantec researcher Vikram
Thakur in an entry on his company's blog
<http://www.symantec.com/connect/pt-br/blogs/new-ie-0-day-used-targeted-attacks>
. "The hackers had gotten access to the Web site account and uploaded
content without the owners knowing."


-- 

Best Regards
Onn Chee

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-singapore/attachments/20101104/11fb9528/attachment.html 


More information about the Owasp-singapore mailing list