According to Internet security company McAfee, a security vulnerability in Microsoft’s Internet Explorer allowed hackers in China to attack Google, Adobe and a large number of other companies, including Yahoo and Northrop Grumman. Microsoft has acknowledged this vulnerability and is currently working on a patch. Every machine running Internet Explorer 6, 7 and 8 on virtually every modern Windows operating system is affected by this vulnerability. In an unprecedented move, the German government has now told its citizens to avoid using Internet Explorer for the time being.
McAfee analysis showed that whoever tried to hack Google was using a previously unknown security vulnerability in Internet Explorer. It currently looks like the attackers targeted specific individuals and fooled them into opening a link or downloading a file onto their computers. Earlier reports claimed that a vulnerability in Adobe Acrobat made these attacks possible.
Infect, Conceal Access and Siphon Data
McAffee’s chief technology officer George Kurtz notes that this attack is a good example of the types of attacks that governments and large organizations are currently faced with. This new generation of malware is highly targeted and “designed to infect, conceal access, siphon data or, even worse, modify data without detection.”
According to the German government, users should switch to alternative browsers, as other hackers will surely start to exploit this same vulnerability within days.
Image credit: Flickr user nickrussill / CC BY 2.0