Microsoft Internet Explorer Used By Chinese Hackers To Break Into Google, Adobe

In a candid admission, Microsoft Corp has said that the security vulnerabilities in its browser were indeed exploited by the cybercriminals to hack the networks of Adobe Inc., Google, and several other companies.

Earlier, the internet security vendor McAfee had exposed the fact that the hackers used the security flaws in Microsoft’s Internet Explorer (IE) to infiltrate Google networks.

Responding to the situation, the software giant has released a security advisory on Thursday, warning users of a critical and unpatched security hole in IE that could allow hackers to steal their login credentials for crucial online accounts.

The security vulnerability involves IE’s capability of handling JavaScript and the malware involved in the attacks gave the hackers access to “back door” to intrude into the system’s security and seize control over its resources.

Incidentally, IE is vulnerable to this kind of attack on almost all latest Microsoft operating systems, including the recently released Windows 7.

Mike Reavey, director of Microsoft’s Security Response Centre (MSRC), wrote in a blog post: “We have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks.”

In addition, Google has released details about the attacks on Tuesday, in which it claimed that the attacks weren’t only targeted at the US companies. Some of the notable companies that were attacked include Adobe Systems, Juniper Networks, Yahoo, Dow Chemical, Symantec, and Northrop Grumman.

Our Comments

That's bad, really bad. This shows that the attackers had enough manpower for them to look into Internet Explorer code and found out flaws that will allow them to have access to login details, vulnerabilities that have only been found now. This means that in theory, no browser is safe.

Related Links

Microsoft confirms IE zero-day behind Google attack

(Computerworld)

China Attackers Exploited Internet Explorer

(NetbookBoards.com)

Chinese hackers used Microsoft browser to launch Google strike

(Guardian)

Attackers Employed IE Zero-Day Against Google, Others

(Dark Reading)

McAfee says Microsoft tool source of China attacks

(Market Watch)