Jump to content

New IE, Media Player attacks begin, email lures us

Recommended Posts

Emailed bait to exploits of the still-unpatched vulnerability in Internet Explorer have been sent, a security company said Monday, escalating the threat facing Windows users. In addition, an earlier zero-day bug in IE is now being exploited in the wild, and an unfixed flaw in Windows Media Player is behind a third attack.

San Diego-based Websense said it was starting to see mass-mailed lures, ie messages with links to sites hosting a Vector Markup Language (VML) exploit. The sites, noted Websense, are using the WebAttacker "kit" that has been updated to include the VML exploit.

The message cited by Websense drew users to a page posing as a Yahoo Greeting Card. Users' PCs are compromised as soon as they hit the bogus site, since the VML exploit code is hidden in a 1-by-1-pixel iframe that looks like nothing more than a stray dot on the page. The site downloads and installs an IE Browser Helper Object that directs all HTTP posts to forms - such as a logon form for an online bank - to a third party. The object, naturally, is to collect lucrative financial information like bank or credit card account data.

Link: -> VML (VIRUS Markup Language) exploit


Cheers from your intrepid webreporter book.gif

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...