Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: InfoSec News (alertsinfosecnews.org)
Date: Mon May 06 2013 - 01:41:36 CDT
By Dan Goodin
May 3 2013
Attackers exploited a previously unknown and currently unpatched
security bug in Microsoft's Internet Explorer browser to surreptitiously
install malware on the computers of federal government workers involved
in nuclear weapons research, researchers said Friday.
The attack code appears to have exploited a zero-day vulnerability in IE
version 8 when running on Windows XP, researchers from security firm
Invincea said in a blog post. The researchers have received reports that
IE running on Windows 7 is susceptible to the same exploit but have not
been able to independently confirm that. Versions 6 and 7 of the
Microsoft browser don't appear to be vulnerable.
Update: In an advisory published a couple hours after this article went
live, Microsoft confirmed a code-execution vulnerability in IE8.
Versions 6, 7, 9, and 10 of the browser are immune to the exploit.
People using IE8 should upgrade to versions 9 or 10, if at all possible.
Those who are unable to move away from version 8 should take the
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!