Welcome Guest Login | Register | Site Map | | Make TelecomTiger my homepage     
Telecom News
Enterprise |  Policy & Regulation |  Mobiles & Tabs |  Corporate |  VAS |  People Movement  |  Technology  |  LTE
Cyber Security
Its a warning time for Internet Explorer versions 6 to 11: Hackers attack after Microsoft stopped support of Windows XP
TT Correspondent |  |  28 Apr 2014

Microsoft was scrambling Sunday to repair a security hole in its widely used Internet Explorer web browser, saying it had detected attempts to exploit the flaw. The flaw affects Internet Explorer versions 6 through 11.These versions dominate desktop browsing, accounting for 55 percent of the PC browser market, because Microsoft stopped supporting the 13-year-old operating system earlier this month, reports, Agence France-Presse (AFP).

Earlier this month, the “Heartbleed” flaw in Internet security saw everyone from website operators and bank officials to casual Internet surfers and governments being told their data could be in danger.

The Heartbleed bug seems focused on user data and hackers, it’s also possible that the server could extract personal user data from any client.

Cybersecurity firm FireEye, which took credit for identifying the flaw, said hackers were exploiting the bug in a campaign nicknamed "Operation Clandestine Fox."

The vulnerability was reported to Microsoft by research firm FireEye. FireEye says that, while the vulnerability affects all versions of IE, the attack is specific to versions 9, 10 and 11. It is a "use after free" attack in which memory objects in the browser are manipulated after being released. The attack bypasses both DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization).

                               

While all versions of IE contain the vulnerability, security vendor FireEye, which initially reported the flaw, has only seen IE 9 to 11 being attacked. According to the company, the attackers are using a “well-known Flash exploitation technique” to gain access to memory and bypass Microsoft’s built-in anti-exploit technologies.

The company said, IE users to download and install its Enhanced Mitigation Experience Toolkit (EMET), a free tool that can help strengthen security on Windows. EMET must be version 4.1 or higher to prevent an attack using this flaw.

This is the first major vulnerability since Microsoft stopped support of Windows XP on April 8, supporting the older operating system with security patches and other software updates.
    
 mail this article    print this article    Show and Post comment
28 Apr 2014(IST)  
Whitepaper
Maintain Business Continuity with Cisco ASR 9000 nV Technology
It is a virtual chassis solution where a pair of ASR 9000 routers acts as a single device by maintaining a single contr...read more
Simplify Your Network with Cisco ASR 9000 nV Technology
With the new Cisco Network Virtualization (nV) technology in the Cisco ASR 9000 Series Aggregation Services Routers, se...read more
Cisco Small Cell Solution: Reduce Costs, Improve Coverage
It is designed to address the challenge of mobile service coverage and to expand network capacity...read more
About Us  |    Advertise  |  Contact Us  |  Feedback   |  Careers
Copyright @ AT Data Process Pvt. Ltd 2012-2013  Terms of use
This site is best viewed in Internet Explorer 6.0 and higher versions, at a resolution of 1024 x 768 pixels