Vulnerability in Internet Explorer 7 is being exploited in the wild

(04/03/2009)

There is growing evidence of a vulnerability in Internet Explorer 7 being exploited in the wild. The vulnerability (known as MS09-002) allows malicious webpages to run code on your computer which could, of course, infect your PC, commandeer your computer to be part of a botnet, or steal your identity.

Hackers are increasingly using the web to infect unsuspecting computer users, so sadly it came as no surprise to come across several websites that were carrying code that exploited the vulnerability. The exploit attempts to install a Trojan. If executed the Trojan attempts to install a malicious DLL into the system folder (winnet.dll).

Users not using either HIPs or BOPs protection should also set about enabling these additional layers of protection that have proven themselves time and time again against new attacks.

Every month Microsoft issues a bundle of security patches for users of its software, and customers are urged to install them before the bad guys exploit them. Microsoft doesn't issue these patches and advisories for fun - make sure that you are keeping your users protected against the latest vulnerabilities.

Related topics:  Computer and PC Security   Hacking and intrusion prevention   Internet and Web security   Network Security   Security threats and vulnerabilities   Virus, Worm, Email security, spyware and malware 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources