Widespread Attacks Exploit Newly-Patched IE Bug

itwbennett writes "The first widespread attack to leverage the Internet Explorer flaw that Microsoft patched in an emergency update Thursday morning has surfaced. By midday Thursday Symantec had spotted hundreds of Web sites that hosted the attack code. The attack installs a Trojan horse program that is able to bypass some security products and then give hackers access to the system, said Joshua Talbot, a security intelligence manager with Symantec. Once it has infected a PC, the Trojan sends a notification e-mail to the attackers, using a US-based, free e-mail service that Symantec declined to name." Relatedly, reader N!NJA was among several to point out that Microsoft has apparently been aware of this flaw since September.

Re:A US-based, free e-mail service

[Anonymous Coward]

Juno

No I don't. Juno who might?

Re:kind of makes you wonder

[cheftw]

The attack installs a Trojan horse program that is able to bypass some security products

I don't see why you're so worried, this obviously refers to the equestrian unit.

Re:kind of makes you wonder

[Zero__Kelvin]

"It makes me feel nicer that it could just be a shitty project, rather than just shitty people."

There is no reason why they can't live together in unison.

Re:Exactly how does it work.

[Zero__Kelvin]

"Correct me if I'm wrong (but I do have a CCNA cert)"

That's just plain wrong