Pages Menu
Categories Menu

Posted by on Jun 14, 2012 in Internet |

Zero-day vulnerability in IE is being used to enter Gmail accounts

Zero-day vulnerability in IE is being used to enter Gmail accounts

and warned – separately – on a zero-day found in that is being exploited to access accounts. The failure of the browser, which is not patched at this time, exposes Windows users to attacks from remote code execution without the user noticing (just enter a website that has a trap installed).

Both companies agreed that the attacks are currently active, and it would be this problem that motivated now warn that Gmail users in the inbox about “attacks paid for by governments” .

Microsoft explained that the vulnerability could be exploited when a user visits a site from the Internet Explorer web specially formulated for the failure. “An attacker would have no way to force users to visit that site. Instead, the attacker would have to convince users, typically by getting them to click an e-mail or instant message that leads them to the attacker’s page. “

The vulnerability affects all versions of Windows. As yet no patch, Microsoft released a tool that blocks attacks that use this. The vulnerability is different from those patched on Tuesday in the latest patch bundle for the company.

Link: ‘State sponsored attackers’ using IE zero day to hijack Gmail accounts (ZDNET)

Tags: , , , , , , ,