IE Vulnerabilities 30% or more of internet users at risk

February 17th, 2014 by Stephen Jones Leave a reply »

Microsoft late Thursday said that both Internet Explorer 10 and its predecessor, IE9, were under attack by hackers exploiting an unpatched flaw in the browsers. The extension of the vulnerability to IE9 followed confirmation earlier yesterday that active attacks are compromising the newer IE10 and hijacking PCs running the browser.

With both IE9 and IE10 vulnerable and under attack, it means that about a third of all those using Internet Explorer are at risk.
Milpitas, Calif.-based FireEye was the first to spot the attacks, and said that they had been aimed at IE10 as part of a campaign targeting current and former U.S. military personnel when they visited the Veterans of Foreign Wars (VFW) website.

San Diego security company Websense said it had found evidence that the exploit may have been used as early as Jan. 20, or more than three weeks ago.Websense also speculated that those earlier attacks had been aimed at visitors to a French aerospace association’s website. Members of the organization, GIFAS (Groupement des Industries Francaises Aeronautiques et Spatiales), include defense and space contractors and subcontractors.

Microsoft’s advice to customers is that they upgrade to IE11 -(not possible for those still running Windows Vista. Most Vista users are likely running IE9, since Microsoft automatically upgraded their copies from IE7 or IE8 to the then-new IE9 in the first half of 2012.

Advertisement

Leave a Reply

You must be logged in to post a comment.