Operation Aurora has received a lot of attention over the past couple of days.Â To recap, Google, Adobe, and many other companies were attacked with code exploiting a zero-day vulnerability in Internet Explorer.Â Since the announcement of this vulnerability (CVE-2010-0249), exploit code has been made public and already revised into a more usable form.
History tells us that when exploit code targeting an unpatched vulnerability in popular software is release; a slew of attackers are ready, willing, and able to capitalize.Â What started out as a sophisticated targeted attack is likely to lead to large-scale attacks on vulnerable Microsoft Internet Explorer users.Â This often takes the form of drive-by download sites serving malware to unsuspecting users, lured by links spammed in email, social networking sites, blogs, and poisoned search engine results.
For more information on this vulnerability, the Operation Aurora attack, and ways to protect your environment see:
More Details on “Operation Aurora”
About the Author
Categories: McAfee Labs