Web browser vulnerability used in cyberattacks: Microsoft

18 Jan, 2010

Microsoft said on January 14 that a vulnerability in its Internet Explorer Web browser was used to carry out cyberattacks which have prompted Google to threaten to leave China. "Internet Explorer was one of the vectors used in targeted and sophisticated attacks targeted against Google and other corporate networks," Mike Reavey, the director of Microsoft's Security Response Centre, said in a blog post.
He stressed that "to date, Microsoft has not seen widespread customer impact, rather only targeted and limited attacks exploiting IE6 (Internet Explorer 6)." Reavey said that changing Internet zone security settings to "high" would protect users from the vulnerability.
Microsoft's security advisory was issued shortly after Web security firm McAfee reported that the cyberattacks, which Google said originated in China, exploited a previously unknown vulnerability in Internet Explorer. Google said China-based cyber spies struck the Internet giant in an apparent bid to hack into the email accounts of human rights activists around the world.
Google said that over 20 other unidentified firms were also targeted in the "highly sophisticated" attacks while other reports have put the number of companies attacked at more than 30. Google said it had decided to no longer censor its Internet search engine in China and that it was prepared to shut down its operations entirely if it was unable to reach an agreement with the Chinese authorities.

Read Comments