State-sponsored attackers likely used IE hole to target Gmail accounts

Microsoft thanks Google in a security advisory for helping it resolve an IE vulnerability that appears to have been used by state-sponsored agents to attack Gmail accounts.

Microsoft is warning of “active attacks” using a hole in its XML Core Services technology that could allow an attacker to take control of a computer if a user was enticed to open a malicious Web page using Internet Explorer.

Microsoft has a Fix it tool that blocks the attack vector for the vulnerability, but has not issued a security patch yet. Computers running Windows, Office 2003 and Office 2007 are affected.

In its security advisory on the issue, Microsoft acknowledges the Google Security Team for working with the company on the MSXML Uninitialized Memory Corruption Vulnerability. Microsoft also thanks a Chinese security team, Qihoo 360 Security Center, for reporting the vulnerability.

The advisory comes one week after Google began warning Gmail users when they the company detects that state-sponsored phishing or malware attacks are targeting the accounts. Google previously has warned users about attacks that appeared to originate in China, including attacks in 2009 that involved a vulnerability in IE.

Related stories

Ryan Naraine at CNET sister site ZDNet, citing an unnamed source, reports that the attacks using the IE hole was the catalyst for Google’s warning about state-sponsored attacks.

A Google spokesman told me that the state-sponsored warning is not tied to any specific attack but is representative of a larger class of attacks, and pointed to the company’s original blog post when asked to elaborate.

So, it sounds like the IE attacks are just one of the attacks being used to target Gmail users.

Meanwhile, Microsoft also patched 13 vulnerabilities in IE in its most recent Patch Tuesday update yesterday.

Related Links:

Google warns Gmail users about state-sponsored email hacking

How to protect your Gmail account from state-sponsored hacking

Massive targeted cyber-attack in Middle East uncovered

LinkedIn’s leaky network security

Israel: Don’t blame the Flame cyberattack on us

via CNET Latest News

Lascia un commento