Microsoft releases urgent browser patch to curb online attacks

Share this article:

Microsoft on Friday released an emergency patch to address a recently discovered zero-day vulnerability in Internet Explorer (IE). Details of in-the-wild exploits taking advantage of the bug were made public on Sept. 16 by Eric Romang, a researcher and contributor to the Metasploit Project. The flaw could allow attackers to spread the remote access trojan (RAT) Poison Ivy. Researchers linked the exploits to the Nitro crime gang, a group also believed responsible for serving recent Java 7 attacks. The out-of-cycle fix from Microsoft also includes updates for four other bugs affecting IE 9 and earlier versions.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

VBA malware on rise, templates make it easier to write code

VBA malware on rise, templates make it easier ...

Researchers at SophosLabs found an uptick in VBA samples in July.

Analysts spot 'Critolock,' ransomware claims to be CryptoLocker

Trend Micro noted several differences between Critolock and CryptoLocker, however.

Citadel used in APT attacks against petrochemical firms

Citadel used in APT attacks against petrochemical firms

In an interesting twist, financial malware Citadel was used to infect firms outside of the finance sector via APT attacks, Trusteer found.