Internet Explorer Flaw Generates Google Nation-State Attack Message

By John P Mello, 15-Jun-2012

Microsoft issued a patch to address the vulnerability in IE, but the flaw triggering the warning message was not addressed.

A security flaw in Internet Explorer is triggering messages in some users’ Gmail accounts that they may be the target of an attack from a nation-state.

The vulnerability in IE was revealed by Microsoft on "Patch Tuesday," a day designated by the company every month to move fixes to its software programs.

Although the package of fixes includes a patch to address the vulnerability in IE, the flaw triggering the warning message was not addressed in the package. 

"The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer," Microsoft explained in an advisory. 

In order for a hacker to exploit the vulnerability, an IE user needs to land on an infected webpage. To steer traffic to such pages, cybercriminals will typically use phishing e-mails or instant messages containing links to the infected locations.

Until Microsoft patches the vulnerability, the company is offering a temporary solution that can be downloaded from its Technet website. 

According to cybersecurity software maker Trend Micro, the vulnerability has prompted Google to issue warnings to some of its Gmail users. "Google is flagging attempts to exploit this vulnerability by noting 'Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer,'" it said in an e-mail to PCWorld.

"Reports show that this vulnerability has been used to compromise Gmail accounts," it added.

A number of Gmail users have reported on Twitter that they received the nation-state warning, but those tweets date back to days before the Microsoft advisory. Therefore, there's no way to know if they were triggered by the vulnerability or some other attack on Gmail users. 

Google added the nation-state warning earlier this month. The warning doesn't mean that a Gmail account has been compromised, only that Google has detected that an account is under attack. Google declined to release details about how it knows one of its Gmail accounts is under attack. 

The vulnerability in IE that allows the drive-by attacks is located in Microsoft XML Core Services. Microsoft XML Core Services provides a set of W3C compliant XML APIs that allows users to use Jscript, VBScript and Microsoft development tools to develop XML 1.0 standard applications, Trend Micro explained in a blog

Using the vulnerability, it said, an attacker can craft a website to host a malicious webpage invoking affected MSXML APIs, which in turn accesses a COM object in memory that has not been initialized. The vulnerability is exploited when a user opens these crafted pages using IE.

Source: PC World (US)


  • AMD may Build ExactTrak Data-zapping into its Chips, to Compete with Intel vPro

    AMD said Thursday that it signed a deal with ExactTrak to embed the security company's technology inside its microprocessors. While no new products accompanied the announcement, the deal leaves open the possibility that AMD-based PCs could be remotely zapped--yes, literally--by users or network administrators.

  • Intel to Close $15 bn (about Rs 90,000 crore) Deal to buy Altera

    California based global tech giant, Intel, is set to close a deal to buy fellow chip maker Altera Corp. for about $54 (about Rs 3,480) per share, 15 percent more than Altera’s closing share price on Thursday, $47 (about Rs 2,620).

  • Server Sales Bolstered by Cloud Expansions

    Server vendors recorded the strongest shipment growth in over four years for the first quarter, mainly driven by continued investments in the hyperscale server infrastructures that power public and private clouds.

  • Salesforce Doubles Down on Big Data with New Analytics Tool

    All the data "lakes" in the world won't amount to much if you can't figure out what they mean for your business. With that in mind, Salesforce on Thursday unveiled Salesforce Wave for Big Data, a new tool designed to help business users make sense of their information stores using the Salesforce Analytics Cloud.

More news »