Attackers recently leveraged a zero-day vulnerability in Internet Explorer (IE) as part of a targeted email campaign that tried to trick users into following a link to a legitimate website infected with malware, according to researchers at Symantec.
The vulnerability, revealed in an advisory by Microsoft, affects all supported versions of IE. Jerry Bryant, group manager of response communications at Microsoft's Trustworthy Computing Group, said that the software giant is not aware of any affected customers.
An exploit that tried to take advantage of the flaw showed up on a credible website but has since been removed, Bryant said in a blog post. He did not name the victim site.
Symantec researcher Vikram Thakur said in a blog post that engineers learned that a "select group of individuals" were targeted through fraudulent emails seeking to confirm hotel room reservations.
The body of the messages contained a link, which pointed to the page of a legitimate website that contained a script designed to learn which browser and operating system versions the victims were running. If they were using IE 6 and 7, the script automatically directed them to a drive-by download page. Otherwise, it took them to a blank page.
"Visitors who were served the exploit page didn't realize it but went on to download and run a piece of malware on their computer without any interaction at all," Thakur wrote. "The vulnerability allowed for any remote program to be executed without the end user's notice."
Symantec researchers discovered that despite many employees being targeted globally, few victims actually accessed the malware file, which means most were using a browser other than IE 6 or 7.
Thakur also did not name the compromised site but said it was taken down a short time after Symantec notified Microsoft of the threat.
The Microsoft advisory contains a workaround that IT administrators are recommended to follow.
In addition, IE 8, the latest version, contains Data Execution Prevention safeguards, which likely will protect users from an exploit.
See original article on scmagazineus.com
New Internet Explorer bug found in the wild
Fake hotel confirmation used.
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
.png&h=140&w=231&c=1&s=0)
Partner Content
Elastic's Open Source Strategy Drives Innovation and Expansion
Promoted Content
AI in cybersecurity: weapon or shield?
Partner Content
Logicalis APAC CIO Report: The CIO’s 2025 Mandate
Microsoft Copilot Partner Hub
Sponsored Whitepapers
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
.png&w=120&c=1&s=0)
EDUtech AU
Integrate Expo 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
