Page 1 of 1

IE8 zero-day flaw targets U.S.

PostPosted: Wed Jun 05, 2013 12:45 pm
by DaFoxx
IE8 zero-day flaw targets U.S. nuke researchers; all versions of Windows affected
http://www.zdnet.com/ie8-zero-day-flaw- ... 000014908/

read it through, and it all points to the good old boys of Red China back in business

Summary: Security researchers have discovered a previously unreported zero-day attack that targets U.S. government nuclear weapons scientists and researchers. Microsoft has warned Internet Explorer 8 users to upgrade to a later version of the browser, as the potentially affects at most one-quarter of all IE users.


Attackers have exploited a previously unknown vulnerability in Internet Explorer 8, which targets U.S. government workers involved in nuclear weapons research.

According to multiple security research firms, the vulnerability has been used to launch specifically-targeted "watering hole" attacks aimed at U.S. government workers — such as those at the U.S. Department of Labor and the U.S. Department of Energy — the latter which focuses on nuclear weapons research and testing.

The specific site that was hacked, the Dept. of Energy's Site Exposure Matrices (SEM) website, deals with "nuclear-related illnesses" linked to Dept. of Energy facilities of employees who may have fallen ill developing or disarming nuclear weapons, according to NextGov.

It's not clear whether any data was stolen or if classified documents were at risk.

Re: IE8 zero-day flaw targets U.S.

PostPosted: Wed Jun 05, 2013 12:50 pm
by DaFoxx
further to this
http://www.zdnet.com/microsoft-fixes-tw ... 000015369/

MS seem to have patched it now
date of above was early May - 5th, this from 14th, so just over a week to get a patch sorted and posted isn't too shabby, considering the sheer scale of the beastie

Re: IE8 zero-day flaw targets U.S.

PostPosted: Wed Jun 05, 2013 6:14 pm
by rapier57
Yeah, sheer scale. IE8. Why are there so many still using it?

Left IE8 in the dirt a few years ago.

IE8, die die die.

:dragons:

:insanity1:

Re: IE8 zero-day flaw targets U.S.

PostPosted: Wed Jun 05, 2013 6:50 pm
by DaFoxx
still supporting IE SIX :shock: at work, and that is 25 000 + users all on XP too of course