Description of the attack
On January 14, 2010 McAfee Labs identified a zero-day vulnerability in Microsoft Internet Explorer that was used as an entry point for Operation Aurora to exploit Google and at least 20 other companies. Microsoft has since issued a security bulletin and patch.
Operation Aurora was a coordinated attack which included a piece of computer code that exploits the Microsoft Internet Explorer vulnerability to gain access to computer systems. This exploit is then extended to download and activate malware within the systems. The attack, which was initiated surreptitiously when targeted users accessed a malicious web page (likely because they believed it to be reputable), ultimately connected those computer systems to a remote server. That connection was used to steal company intellectual property and, according to Google, additionally gain access to user accounts. Learn more.
What is McAfee doing to protect customers?
Upon learning of the attack, researchers at McAfee Labs delivered malware detection; behavioral and content signatures; web security, IPS, and IP security updates; product configuration suggestions; and advice on the McAfee Labs blog.
McAfee Global Threat Intelligence, our real-time, “in-the-cloud” data collection system for both known and emerging threats across all key threat vectors, monitors the web for exploits and hot spots related to Operation Aurora and other threats, and immediately delivers protection to McAfee products. Learn more.
McAfee can provide you with answers such as: