informa
Commentary

Alert: Hacked Hong Kong Porn Site Spews IE Attacks

Microsoft is warning of a large increase in the number of attacks aimed at an Internet Explorer vulnerability left unpatched last week. Some of the early attacks originated from a compromised Hong Kong pornserver, but the number of infected legitimate sites is in the thousands and climbing rapidly.
Microsoft is warning of a large increase in the number of attacks aimed at an Internet Explorer vulnerability left unpatched last week. Some of the early attacks originated from a compromised Hong Kong pornserver, but the number of infected legitimate sites is in the thousands and climbing rapidly.The XML attacks that began to be tracked late last week were originally thought to affect only Internet Explorer 7; current feeling is that all versions of Explorer are at risk.

Microsoft's initial warning, released Saturday, noted the compromised Hong Kong porn site, but also commented on the spread of the Trojan-dropping exploit to less prurient sites, including a Taiwanese search engine, later cleaned.

Microsoft estimated that 0.2 percent of the world's computers had been exposed to compromised sites, which number in the thousands.

The IE vulnerability is about as widespread through the browser's versions and iterations as possible. Microsoft's Security Advisory notes that the problem exists on:

"Windows Internet Explorer 7 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008. Microsoft Internet Explorer 5.01 Service Pack 4, Microsoft Internet Explorer 6 Service Pack 1, Microsoft Internet Explorer 6, and Windows Internet Explorer 8 Beta 2 on all supported versions of Microsoft Windows are potentially vulnerable."

The same advisory includes workarounds aimed at minimizing the risk.

Best way to avoid the risk, though, might be to shift to Firefox.

Recommended Reading: