Hackers Rush To Exploit IE Flaw Before It’s Fixed

In late 2009, hackers at Google Inc. got into the company’s internal systems by exploiting a flaw on Microsoft Internet Explorer. Thirty-three other companies, including Adobe Systems, Dow Chemical Inc. and Yahoo Inc., were reportedly hacked as well.

In an article on the IT World Canada website, Robert McMillan says the code used in the attack is now public, since it was submitted for analysis to the Wepawet website. Dave Marcus, director of security research and communications at security software vendor McAfee Inc., told IT World Canada that the code has been included in at least one publicly available hacking tool, and warned that it could show up in online attacks.

According to the article, Microsoft could rush out an emergency “out-of-cycle” patch to fix the flaw. Marcus said he thought that was likely. “It’s too good of a vulnerability for most of the bad guys to overlook,” he told IT World Canada.

To read the IT World Canada article, please click here: