Serious bug in fully patched Internet Explorer puts user credentials at risk

February 2015 by Marc Jacob

A vulnerability in fully patched versions of IE is allowing attackers to steal login credentials and inject malicious content into users’ browsing sessions. Microsoft engineers are working to patch this universal XSS vulnerability. Please see below for comments from TK Keanini, CTO at Lancope, and Stephen Coty, chief security evangelist at Alert Logic.

TK Keanini, CTO at Lancope

"Folks should know that browsers have a very complicated code base and that this situation is not the first, nor is it the last. To mitigate the risk, I recommend always having multiple browsers available and, until this is fixed, using an alternate like Firefox or Chrome. In the future, I’m sure one of those alternates will have a major flaw and you can navigate with the alternates until it is fixed. The good news is that you have choices these days, so use them."

Stephen Coty, chief security evangelist, Alert Logic

"This Cross-Site Scripting (XSS) bug is a very limited vulnerability that affects only the users of Internet Explorer 11 on two Microsoft platforms. The user would have to visit a website, legitimate or malicious, that has been compromised with an iframe injection. An iframe injection uses injected frames, which allow a visual HTML browser window to be split into segments, each of which can show a different document. Some iframes will take advantage of blank space on a website, waiting for a user to move their mouse over that frame, which will then start a process that leads to compromise.

The hacker(s) are setting up innocent-looking sites or compromising a legitimate site to load them with hacking tools like Zbot/Zeus and Cryptolocker. The iframe code in the compromised sites will initiate a process that redirects anyone visiting that site to the hackers' infection site, where the person’s computer will be injected and infected. The simple solution is to migrate to another browser like Chrome or Firefox until a patch has been released."
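As an added, defender-side illustration of the iframe injection Coty describes (example code written for this page, not part of the original article or of either vendor's tooling): a small Python scanner that lists the iframes in a page's HTML and flags those that are hidden from the user (zero size, `display:none`, or positioned off-screen) or that load content from a host other than the page's own. The sample HTML, the page host `example.com` and the hostname `malicious-placeholder.invalid` are constructed for the example; a site owner would run the same check over a saved copy of their own pages to spot frames they did not put there.

```python
"""Flag hidden or third-party iframes in an HTML document (stdlib only)."""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample page: one ordinary visible embed, one hidden frame
# pointing at a placeholder external host, one same-origin frame pushed
# off-screen. The last two are the patterns seen on compromised sites.
SAMPLE_HTML = """
<html><body>
  <h1>Example site</h1>
  <iframe src="https://www.youtube.com/embed/abc123" width="560" height="315"></iframe>
  <p>Some content.</p>
  <iframe src="http://malicious-placeholder.invalid/in.php"
          width="0" height="0" style="display: none"></iframe>
  <iframe src="/widgets/chat" style="position:absolute; left:-9999px"></iframe>
</body></html>
"""


class IframeCollector(HTMLParser):
    """Collect the attribute dictionary of every <iframe> start tag."""

    def __init__(self):
        super().__init__()
        self.iframes = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "iframe":
            # attrs is a list of (name, value); value is None for bare attributes
            self.iframes.append({k.lower(): (v or "") for k, v in attrs})


def _is_hidden(attrs):
    """True if the frame is invisible to the user by size, style, or placement."""
    style = attrs.get("style", "").replace(" ", "").lower()
    if "display:none" in style or "visibility:hidden" in style:
        return True
    for dim in ("width", "height"):
        value = attrs.get(dim, "").strip().lower().rstrip("px")
        if value.isdigit() and int(value) <= 1:  # 0px or 1px frames
            return True
    # absolutely positioned far outside the viewport
    return re.search(r"(left|top):-\d+px", style) is not None


def find_suspicious_iframes(html, page_host):
    """Return a list of findings for frames that are hidden or load from another host."""
    parser = IframeCollector()
    parser.feed(html)
    findings = []
    for attrs in parser.iframes:
        src = attrs.get("src", "")
        # a relative src resolves to the page's own origin
        host = (urlparse(src).hostname or page_host).lower()
        reasons = []
        if _is_hidden(attrs):
            reasons.append("hidden")
        if host != page_host.lower():
            reasons.append("external")
        # a visible third-party embed is normal; anything hidden deserves review
        if "hidden" in reasons:
            findings.append({"src": src, "host": host, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in find_suspicious_iframes(SAMPLE_HTML, "example.com"):
        print(f"{finding['src']}  host={finding['host']}  reasons={finding['reasons']}")
```

The visible YouTube embed is external but not hidden, so it is not reported; the zero-size `display:none` frame is reported as both hidden and external, and the off-screen same-origin frame is reported as hidden only, which is still worth a look since legitimate widgets are rarely placed at `left:-9999px`.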
