Just a few days after a critical vulnerability was detected in Java 1.7, we now find a new vulnerability being used in the wild, this time the compromised system is Internet Explorer. Microsoft’s browser has been compromised by a group of cybercriminals, who have discover a security hole and have created several malicious web pages that, by exploiting this breach on the browser, download malware elements into the users’ computers.
The malware that is currently being distributed is part of the already known Poison Ivy Trojan family, and it gets into the computer when the user visits one of the compromised websites when using Internet Explorer as a browser. Without the user’s notice, the Trojan is downloaded silently to his computer, entering through the browser’s security hole. The Trojan is a specialist in taking control of infected computers, which allows the cybercriminal to steal the user’s sensitive information, such as passwords, banking data, etc.
At Panda Security we protect our clients and users against this Trojan, but we are sure that the cybercriminals are already working on new malware programs that exploit this Internet Explorer vulnerability, to compromise new computers. So we encourage the public to be really careful to avoid being infected. In any case, from PandaLabs we keep on fighting against malware 24 hours, identifying new samples and creating vaccines against them. In addition, we have our TruPrevent proactive technologies that provide protection against new malware based on their behavior.
Microsoft has already informed about this problem in their blog, and has made available to all users an urgent toolkit which would seal the hole, called Enhanced Mitigation Experience Toolkit (EMET), until they are able to deliver a patch that solves the vulnerability once and for all.
In any case, the easiest solution is to avoid using Internet Explorer until Microsoft solves this vulnerability on its browser, and use Chrome or Firefox.