IE vulnerability was one of the vectors used to attack Google and other U.S. companies
Google, Adobe, Yahoo, Symantec and a number of other silicon valley companies were targeted last week by hackers who stole source code. The attacks apparently originated in China, and Microsoft has acknowledged that a vulnerability in Internet Explorer was one of the vectors used.
The vulnerability affects versions 6, 7 and 8 of IE running on most current Windows operating systems. It works like this: a user clicks on a link in email or IM that takes the user to a web site where malware is downloaded to the computer.
This allows the attacker to take control of the computer on the targeted network.
Microsoft is currently developing a fix. In the meantime, the workaround is to set the Internet Security Zone in IE to "high" and enable DEP.
DEBRA LITTLEJOHN SHINDER
MVP (Enterprise Security)