The cyber attack from China that hit Google and 33 other companies in December leveraged a zero-day flaw in Internet Explorer.
"In our investigation we discovered that one of the malware samples involved in this broad attack exploits a new, not publicly known vulnerability in Microsoft Internet Explorer," said McAfee CTO George Kurtz in a blog post on Wednesday. "We informed Microsoft about this vulnerability and Microsoft is expected to publish an advisory on the matter soon."
"The vulnerability exists as an invalid pointer reference within Internet Explorer," the advisory states. "It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution."
Google disclosed the attack in a blog post on Tuesday, saying that it had resulted in the theft of some of the company's intellectual property.
Friday, January 15, 2010 No comments
There is more.
It is not clear how this flaw came to exist or how it was used to exploit and attack Google and other companies. Apparently zombie computers were used in the attacks.
My speculation is that China will not prosecute those responsible for the attacks. [source]