You may have heard about the Microsoft warning of a dangerous attack against Internet Explorer users in this week’s news. An organized cybercriminal group is conducting a targeted attack campaign against users of Internet Explorer, and narrowing in on U.S. organizations with strong ties to the defense and financial industries. This attack has prompted Microsoft to issue a security advisory, warning users that the attacks are targeting every supported version of its browser. The cybercriminals are using a malicious link to get users to visit an attack website with the aim of gaining complete control of the victim’s PC.
Apparently, the attackers specialize in using custom browser-based zero-day exploits against Internet Explorer, Firefox and Flash. The attack patterns have been difficult to trace and their command-and-control methods bypass intrusion detection systems. Once they gain access, typically within seconds, they establish a foothold on the victim’s machine, implement a back door for remote access, and then move laterally on the victim’s corporate network.
Windows XP users likely will remain vulnerable indefinitely, since Microsoft has ended support for XP.
Many organizations have switched to Google Chrome as their standard browser, but some are still tied to Internet Explorer to enable custom applications to properly function.