IE Vulnerability Used in Google Attack

Kara Reeder

Computerworld reports that Microsoft has admitted that a critical and unpatched vulnerability in Internet Explorer was used in the attack against Google and other companies' networks.


According to Microsoft's security advisory, the only version of IE not containing the critical flaw is IE 5.01 running on Windows 2000. All other versions are vulnerable. As eWEEK notes, McAfee says the zero-day exploit:

opens a back door that allows the attacker to perform reconnaissance and gain complete control over the compromised system. The attacker can now identify high-value targets and start to siphon off valuable data from the company.

The attack has led Google to consider pulling out of China, which IT Business Edge blogger Don Tennant believes is a bad idea. But it's not just those affected by the attack that should be concerned, says CTO Edge blogger Wayne Rash:

If you have a network presence in China, you should assume that no effort is being spared to use it as a way to gain access to your entire network.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making


SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data