Claims Microsoft

Dec 16, 2008 12:48 GMT

Expanding the concept of user protection beyond the traditional meaning associated with browser security, Microsoft warned that surfing adult content websites with Internet Explorer could expose users to attacks exploiting an as-yet-unpatched vulnerability in all supported versions of IE, including IE8 Beta 2. The Redmond company said that the exploit was associated not only with adult content, but also with legitimate websites that had been taken over by attackers.

“Some legitimate websites were maliciously modified to include the exploits. For example, a popular search engine in Taiwan was found to be hosting the exploit. Luckily, that site was quickly cleaned. Secondly, we’ve noticed some pornography sites have started hosting these exploits too: We recently found a web site in Hong Kong that serves various content including adult entertainment,” Microsoft's Ziv Mador and Tareq Saade explained.

As of December 12, 2008, Microsoft confirmed that all versions of Internet Explorer were impacted by the exploits targeting the 0Day (Zero Day) vulnerability affecting the XML parsing engine and the MSHTML.DLL library. The Redmond company explained that the security flaw was caused by an invalid pointer reference residing in the data binding function of IE.

According to the Redmond company, only Internet Explorer 7 on all supported versions of the Windows operating system is under attack. However, all IE releases are vulnerable, including Internet Explorer 8 Beta 2 running on Windows Vista SP1, Windows XP SP3, and Windows Server 2008. Microsoft did not indicate whether users of Internet Explorer 8 Beta on Windows 7 were also at risk.

“Based on our stats, since the vulnerability has gone public, roughly 0.2% of users worldwide may have been exposed to websites containing exploits of this latest vulnerability. That percentage may seem low, however it still means that a significant number of users have been affected. The trend for now is going upwards: we saw an increase of over 50% in the number of reports [on December 13] compared to [December 12],” Mador and Saade added.