IE Zero Day Attacks Go Way Back

Wednesday, October 2, 2013 @ 11:10 AM gHale

While the latest Internet Explorer Zero Day does not yet have a patch, it appears the vulnerability has been suffering exploitation for a longer time than initially believed.

Microsoft did acknowledge the existence of the vulnerability and said attackers were leveraging the holes. The software giant did issue a Fix it tool to mitigate the problems until a patch can release.

IE Zero Day Attack Hits Japan
IE Zero Day Warning
Patch Tuesday Fixes Reissued
Microsoft Releases 13 Bulletins

Since then, FireEye researchers linked the attacks to the Chinese hacking group that hit Bit9 earlier this year, and said the campaign called “Operation DeputyDog” focused on Japanese organizations and started on August 19 at the latest.

Then, on Thursday, researchers from AlienVault and Websense released their findings regarding the exploit used.

Researcher Jaime Blasco said they spotted the exploit hosted on a subdomain of Taiwan’s Government e-Procurement System, and found users that visited the main page for the first time would instantly end up redirected to the exploit page and served with a malicious file.

Not all visitors ended up targeted as just those whose Windows XP or Windows 7 systems running in English, Chinese, French, German, Japanese, Russian, Korean, and Portuguese, and use Internet Explorer 8 or 9.

Leave a Reply

You must be logged in to post a comment.