Internet Explorer zero-day alert: Attackers hitting unpatched bug

  • 0 Replies

Offline Bugbatter

  • Microsoft® MVP
  • Administrator
  • Diamond Member
  • 10660

Attackers hitting unpatched bug in Microsoft browser

Microsoft is being urged to rush out a patch for a bug in Internet Explorer that's being used in attacks.

 A well-resourced hacking group is using a previously unknown and unpatched bug in Internet Explorer (IE) to infect Windows PCs with malware.

Researchers at Qihoo 360's Core security unit say an advanced persistent threat (APT) group is using the IE vulnerability on a "global scale", which is being delivered to select targets via malicious Office documents loaded with it calls a "double-kill" vulnerability.

Victims are required to open the Office document, which launches a malicious webpage in the background to deliver malware from a remote server.

Microsoft MVP Consumer Security 2006-2016
Microsoft Windows Insider MVP 2016-